Published: 13/06/2017 Updated: 21/06/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

A vulnerability in the AutoVNF VNFStagingView class of Cisco Ultra Services Framework could allow an unauthenticated, remote malicious user to execute a relative path traversal attack, enabling an malicious user to read sensitive files on the system. More Information: CSCvc76662. Known Affected Releases: 21.0.0.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ultra services framework 21.0.0

A vulnerability in the AutoVNF VNFStagingView class of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to execute a relative path traversal attack, enabling an attacker to read sensitive files on the system The vulnerability is due to insufficient sanity checks against crafted URL requests An attacker could exploit ...

CWE-22 CWE-200 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf2 http://www.securityfocus.com/bid/98977 https://nvd.nist.gov https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf2

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-6681

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect