CVE-2017-6704

Name of the Vulnerable Software and Affected Versions Cisco Prime Collaboration Provisioning tool version 12.1

Description A vulnerability in the web application could allow an authenticated, remote attacker to perform arbitrary file downloads, potentially allowing the attacker to read files from the underlying filesystem.

Recommendations For version 12.1, update to a version that fixes the issue, as the current version allows arbitrary file downloads that could compromise the system's security.