Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistCiscoCVELIST:CVE-2017-6708
HistoryJul 06, 2017 - 12:00 a.m.

CVE-2017-6708

2017-07-0600:00:00
CWE-200
cisco
www.cve.org
3

AI Score

9.5

Confidence

High

EPSS

0.004

Percentile

72.7%

JSON

A vulnerability in the symbolic link (symlink) creation functionality of the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to read sensitive files or execute malicious code on an affected system. The vulnerability is due to the absence of validation checks for the input that is used to create symbolic links. This vulnerability affects all releases of the Cisco Ultra Services Framework prior to Releases 5.0.3 and 5.1. Cisco Bug IDs: CSCvc76654.

CNA Affected

[
  {
    "product": "Cisco Ultra Services Framework",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco Ultra Services Framework"
      }
    ]
  }
]

Related

prion 1
cisco 1
cve 1
nvd 1
prion
prion
Input validation
2017-07-06 00:29:00
cisco
cisco
Cisco Ultra Services Framework AutoVNF Symbolic Link Handling Information Disclosure Vulnerability
2017-07-05 16:00:00
cve
cve
CVE-2017-6708
2017-07-06 00:29:00
nvd
nvd
CVE-2017-6708
2017-07-06 00:29:00

AI Score

9.5

Confidence

High

EPSS

0.004

Percentile

72.7%

JSON
Related for CVELIST:CVE-2017-6708
prion1cisco1cve1nvd1