Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistCiscoCVELIST:CVE-2017-6614
HistoryApr 20, 2017 - 10:00 p.m.

CVE-2017-6614

2017-04-2022:00:00
CWE-200
cisco
www.cve.org
3

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

33.4%

JSON

A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software 1.0.0 could allow an authenticated, remote attacker to download and view any system file by using the affected software. The vulnerability is due to the absence of role-based access control (RBAC) for file-download requests that are sent to the affected software. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow the attacker to download and view any system file by using the affected software. Cisco Bug IDs: CSCvd11628.

CNA Affected

[
  {
    "product": "Cisco FindIT",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco FindIT"
      }
    ]
  }
]

Related

prion 1
nvd 1
cve 1
cisco 1
prion
prion
Design/Logic Flaw
2017-04-20 22:59:00
nvd
nvd
CVE-2017-6614
2017-04-20 22:59:00
cve
cve
CVE-2017-6614
2017-04-20 22:59:00
cisco
cisco
Cisco FindIT Network Probe Information Disclosure Vulnerability
2017-04-19 16:00:00

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

33.4%

JSON
Related for CVELIST:CVE-2017-6614
prion1nvd1cve1cisco1