CVE-2017-6694
MEDIUMCisco Ultra Services Platform - Authenticated Cleartext Credential Exposure in VNFM Logging
Title source: llmDescription
A vulnerability in the Virtual Network Function Manager's (VNFM) logging function of Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive data (cleartext credentials) on an affected system. More Information: CSCvd29355. Known Affected Releases: 21.0.v0.65839.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/98972
Vendor Advisory x_refsource_confirm
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usp1
Scores
CVSS v3
5.5
EPSS
0.0027
EPSS Percentile
19.1%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-522
Status
published
Products (2)
cisco/ultra_services_platform
21.0.v0.65839
n/a/Cisco Ultra Services Platform
Cisco Ultra Services Platform
Published
Jun 13, 2017
Tracked Since
Feb 18, 2026