CVE-2017-6687

HIGH

Cisco Ultra Services Framework Element Manager - Privilege Escalation

Title source: llm

Description

A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in to the affected device using default credentials present on the system, aka an Insecure Default Password Vulnerability. More Information: CSCvc76695. Known Affected Releases: 21.0.0.

References (2)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/98981

[Vendor Advisory] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf5

Scores

CVSS v3 8.8

EPSS 0.0077

EPSS Percentile 73.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-1188

Status published

Products (2)

cisco/ultra_services_framework_element_manager 21.0.0

n/a/Cisco Ultra Services Framework Element Manager Cisco Ultra Services Framework Element Manager

Published Jun 13, 2017

Tracked Since Feb 18, 2026