CVE-2017-6692

HIGH

Cisco Ultra Services Framework Element Manager - Privilege Escalation

Title source: llm

Description

A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker to log in to the device with the privileges of the root user, aka an Insecure Default Account Information Vulnerability. More Information: CSCvd85710. Known Affected Releases: 21.0.v0.65839.

References (2)

[Vendor Advisory] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf6

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/98980

Scores

CVSS v3 8.8

EPSS 0.0099

EPSS Percentile 77.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-1188

Status published

Products (2)

cisco/ultra_services_framework_element_manager 21.0.v0.65839

n/a/Cisco Ultra Services Framework Element Manager Cisco Ultra Services Framework Element Manager

Published Jun 13, 2017

Tracked Since Feb 18, 2026