What is CVE-2017-6758?

CVE-2017-6758 is a medium-severity vulnerability in Cisco Unified_communications_manager, classified under Path Traversal. CVSS score: 6.5/10. Published 2017-08-07.

How severe is CVE-2017-6758?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Path Traversal in Cisco Unified_communications_manager

CVE-2017-6758

A vulnerability in the web framework of Cisco Unified Communications Manager 11.5(1.10000.6) could allow an authenticated, remote attacker to access arbitrary files in the context of the web root directory structure on an affected device…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.012 (79.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Cisco Unified_communications_manager — versions 11.5\(1.10000.6\)
N/a Cisco Unified Communications Manager — versions Cisco Unified Communications Manager

Weakness classification (CWE)

CWE-22 — Path Traversal

References

psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2017-6758?: CVE-2017-6758 is a medium-severity vulnerability in Cisco Unified_communications_manager, classified under Path Traversal. CVSS score: 6.5/10. Published 2017-08-07.
How severe is CVE-2017-6758?: Medium severity. CVSS v3 base score is 6.5 out of 10.