PT-2017-17247 · Cisco · Services Controller
Publicado
2017-06-13
·
Atualizado
2019-10-03
·
CVE-2017-6693
CVSS v3.1
5.5
Média
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco Elastic Services Controllers versions 2.2(9.76) through 2.3(1)
Description
A vulnerability in the ConfD server component could allow an authenticated, local attacker to access information stored in the file system of an affected system. This issue is related to unauthorized directory access.
Recommendations
For version 2.2(9.76), update to a version that fixes this issue.
For version 2.3(1), update to a version that fixes this issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Missing Authorization
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Services Controller