CVE-2017-6706

MEDIUM

Cisco Prime Collaboration Provisioning Tool - Unauthenticated Sensitive Information Exposure via Logging Subsystem

Title source: llm
STIX 2.1

Description

A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local attacker to acquire sensitive information. More Information: CSCvd07260. Known Affected Releases: 12.1.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1038744
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/99204

Scores

CVSS v3 5.1
EPSS 0.0038
EPSS Percentile 30.4%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Details

CWE
CWE-200
Status published
Products (5)
cisco/prime_collaboration_provisioning 11.2_base
cisco/prime_collaboration_provisioning 11.5.0
cisco/prime_collaboration_provisioning 11.6_base
cisco/prime_collaboration_provisioning 12.1_base
n/a/Cisco Prime Collaboration Provisioning Tool Cisco Prime Collaboration Provisioning Tool
Published Jul 04, 2017
Tracked Since Feb 18, 2026