CVE-2017-6771

Name of the Vulnerable Software and Affected Versions Cisco Ultra Services Framework version 21.0.v0.65839

Description A vulnerability in the AutoVNF automation tool could allow an unauthenticated, remote attacker to acquire sensitive information due to insufficient protection of sensitive data. An attacker could exploit this by browsing to a specific URL of an affected device, potentially allowing them to view sensitive configuration information about the deployment.

Recommendations For version 21.0.v0.65839, consider restricting access to the specific URL that could be exploited to view sensitive configuration information until a fix is available. As a temporary workaround, limit browsing to this URL to prevent potential exploitation.