CVE-2017-6774

Name of the Vulnerable Software and Affected Versions Cisco ASR 5000 Series Aggregated Services Routers version 21.0.v0.65839

Description A vulnerability could allow an authenticated, remote attacker to overwrite or modify sensitive system files due to the inclusion of these files within specific FTP subdirectories. An attacker could exploit this by overwriting sensitive configuration files through FTP, potentially allowing them to modify configuration files on an affected system.

Recommendations For version 21.0.v0.65839, consider restricting FTP access to sensitive system files as a temporary workaround until a patch is available. Restrict access to the FTP subdirectories containing sensitive system files to minimize the risk of exploitation.