CVE-2017-6704
Severity
6.5MEDIUM
EPSS
1.0%
top 23.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 4
Latest updateMay 17
Description
A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arbitrary file downloads that could allow the attacker to read files from the underlying filesystem. More Information: CSCvc90335. Known Affected Releases: 12.1.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6
Affected Packages2 packages
🔴Vulnerability Details
2GHSA▶
GHSA-3rgx-c7jv-r7q6: A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arb↗2022-05-17
CVEList▶
CVE-2017-6704: A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arb↗2017-07-04