CVE-2017-6687 - A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remo

CVE-2017-6687

Summary

A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in to the affected device using default credentials present on the system, aka an Insecure Default Password Vulnerability. More Information: CSCvc76695. Known Affected Releases: 21.0.0.

References

Vulnerable Configurations

cpe:2.3:a:cisco:ultra_services_framework_element_manager:21.0.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ultra_services_framework_element_manager:21.0.0:*:*:*:*:*:*:*

CVSS

Base:	6.5 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:

CWE

CWE-1188

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:S/C:P/I:P/A:P

refmap via4

bid	98981
confirm	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf5

Last major update

03-10-2019 - 00:03

Published

13-06-2017 - 06:29

Last modified

03-10-2019 - 00:03