CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2017/07/06 12:0 a.m.•17 views

CVE-2017-6709

A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller ESC and Cisco OpenStack deployments in an affected system. The vulnerability exists because the...

9.5AI score0.01292EPSS

Cisco•added 2017/07/05 4:0 p.m.•22 views

Cisco Ultra Services Framework AutoVNF Symbolic Link Handling Information Disclosure Vulnerability

7.5CVSS9.6AI score0.01456EPSS

Cisco•added 2017/07/05 4:0 p.m.•27 views

Cisco Ultra Services Framework AutoVNF Log File User Credential Information Disclosure Vulnerability

7.5CVSS9.5AI score0.01292EPSS

NVD•added 2017/06/13 6:29 a.m.•20 views

CVE-2017-6680

A vulnerability in the AutoVNF logging function of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to create arbitrary directories on the affected system. More Information: CSCvc76652. Known Affected Releases: 21.0.0...

7.5CVSS7.6AI score0.01352EPSS

OSV•added 2017/06/13 6:29 a.m.•1 views

CVE-2017-6681

A vulnerability in the AutoVNF VNFStagingView class of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to execute a relative path traversal attack, enabling an attacker to read sensitive files on the system. More Information: CSCvc76662. Known Affected Releases:...

7.5CVSS5.9AI score0.02559EPSS

OSV•added 2017/06/13 6:29 a.m.•2 views

CVE-2017-6680

7.5CVSS5.9AI score0.01352EPSS

Prion•added 2017/06/13 6:29 a.m.•10 views

Path traversal

5CVSS7.5AI score0.02559EPSS

Prion•added 2017/06/13 6:29 a.m.•16 views

Design/Logic Flaw

5CVSS7.5AI score0.01352EPSS

CVE•added 2017/06/13 6:0 a.m.•42 views

CVE-2017-6680

The CVE-2017-6680 issue affects Cisco Ultra Services Framework (USF) AutoVNF logging function. The vulnerability arises from insufficient checks when creating directories, allowing an unauthenticated, remote attacker to create arbitrary directories on the affected system (potentially as root) and...

7.5CVSS7.5AI score0.01352EPSS

CVE•added 2017/06/13 6:0 a.m.•56 views

CVE-2017-6681

The CVE-2017-6681 vulnerability affects Cisco Ultra Services Framework (USF) AutoVNF VNFStagingView, specifically a flaw in URL handling that allows a remote, unauthenticated attacker to perform a relative path traversal and read sensitive files. Affected release is Cisco USF version 21.0.0. The ...

7.5CVSS7.6AI score0.02559EPSS

Cvelist•added 2017/06/13 6:0 a.m.•21 views

CVE-2017-6680

7.6AI score0.01352EPSS

Cvelist•added 2017/06/13 6:0 a.m.•18 views

CVE-2017-6681

7.6AI score0.02559EPSS

Cisco•added 2017/06/07 4:0 p.m.•34 views

Cisco Ultra Services Framework AutoVNF Arbitrary Direction Creation Vulnerability

A vulnerability in the AutoVNF logging function of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to create arbitrary directories on the affected system. The vulnerability is due to insufficient checks when creating directories on the system. An attacker could...

4.3CVSS7.6AI score0.01352EPSS

Cisco•added 2017/06/07 4:0 p.m.•33 views

Cisco Ultra Services Framework AutoVNF VNFStagingView Information Disclosure Vulnerability

A vulnerability in the AutoVNF VNFStagingView class of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to execute a relative path traversal attack, enabling an attacker to read sensitive files on the system. The vulnerability is due to insufficient sanity checks...

4.3CVSS7.6AI score0.02559EPSS