CVE-2017-3871

MEDIUM

Cisco Prime Optical <10.6.0.1 - Info Disclosure

Title source: llm
STIX 2.1

Description

A RADIUS Secret Disclosure vulnerability in the web network management interface of Cisco Prime Optical for Service Providers could allow an authenticated, remote attacker to disclose sensitive information in the configuration generated for a device. The attacker must have valid credentials for the device. More Information: CSCvc65257. Known Affected Releases: 10.6(0.1).

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/96928

Scores

CVSS v3 4.3
EPSS 0.0094
EPSS Percentile 56.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-200
Status published
Products (2)
cisco/prime_optical 10.6\(0.1\)
n/a/Cisco Prime Optical for Service Providers Cisco Prime Optical for Service Providers
Published Mar 17, 2017
Tracked Since Feb 18, 2026