CVE-2017-6704

Summary

A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arbitrary file downloads that could allow the attacker to read files from the underlying filesystem. More Information: CSCvc90335. Known Affected Releases: 12.1.

Affected Software

VendorProductVersion RangeStatus
n/aCisco Prime Collaboration Provisioning ToolCisco Prime Collaboration Provisioning Toolaffected

Weaknesses

  • Arbitrary File Download Vulnerability

ADP Enrichment

CVE Program Container

Additional References

References