CVE-2017-6783

CWE-200Information Exposure4 documents4 sources
Severity
4.3MEDIUM
EPSS
0.3%
top 48.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Cisco Systems, Inc. Content Security Management Appliance (sma)Cisco Systems, Inc. Email Security Appliance (esa)Cisco Systems, Inc. WEB Security Appliance (wsa)+3 more
Timeline
PublishedAug 17
Latest updateMay 17

Description

A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to discover confidential information about the appliances that should be available only to an administrative user. The vulnerability occurs because the appliances do not protect confidential information at rest in response to Simple Network Management Protocol (SNMP) poll requests. An attacker cou

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages6 packages

🔴Vulnerability Details

2
GHSA
GHSA-4p7m-9f38-j933: A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance2022-05-17
CVEList
CVE-2017-6783: A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance2017-08-17

📋Vendor Advisories

1
Cisco
Cisco Security Appliances SNMP Polling Information Disclosure Vulnerability2017-08-16
CVE-2017-6783 (MEDIUM CVSS 4.3) | A vulnerability in SNMP polling for | cvebase.io