Vulnerability Details CVE-2017-6704
A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arbitrary file downloads that could allow the attacker to read files from the underlying filesystem. More Information: CSCvc90335. Known Affected Releases: 12.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.5%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
- http://www.securityfocus.com/bid/99223
- http://www.securitytracker.com/id/1038744
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp2
- http://www.securityfocus.com/bid/99223
- http://www.securitytracker.com/id/1038744
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp2
Products affected by CVE-2017-6704
-
cpe:2.3:a:cisco:prime_collaboration_provisioning:12.1