CVE-2017-6686

HIGH

Cisco Ultra Services Framework Element Manager - Privilege Escalation

Title source: llm

Description

A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in as an admin or oper user of the affected device, aka an Insecure Default Credentials Vulnerability. More Information: CSCvc76699. Known Affected Releases: 21.0.0.

References (2)

[Vendor Advisory] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf4

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/98988

Scores

CVSS v3 8.8

EPSS 0.0077

EPSS Percentile 73.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-1188

Status published

Products (2)

cisco/ultra_services_framework_element_manager 21.0.0

n/a/Cisco Ultra Services Framework Element Manager Cisco Ultra Services Framework Element Manager

Published Jun 13, 2017

Tracked Since Feb 18, 2026