132 matches found
CVE-2017-6771
A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by browsing to...
CVE-2017-6771
A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by browsing to...
CVE-2017-6771
The CVE-2017-6771 vulnerability affects the Cisco Ultra Services Framework AutoVNF automation tool, where an unauthenticated, remote attacker can view sensitive configuration data by browsing to a specific URL. Root cause: inadequate protection of sensitive data within AutoVNF. Impact: informatio...
CVE-2017-6771
A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by browsing to...
Cisco Ultra Services Framework AutoVNF Configuration Information Disclosure Vulnerability
A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by browsing to...
Cisco Ultra Services Framework Information Disclosure Vulnerability
Cisco Ultra Services Framework is an intelligent online service delivery platform from the U.S. company Cisco Cisco. An information disclosure vulnerability exists in the AutoVNF VNFStagingView class in Cisco Ultra Services Framework version 21.0.0, which stems from the program failing to...
Internet Explorer Memory Corruption Vulnerability
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory via the Microsoft Windows Text Services Framework. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An...
Cisco Ultra Services Framework Information Disclosure Vulnerability
Cisco Ultra Services Framework is the United States Cisco Cisco a smart online services payment platform. An information disclosure vulnerability exists in the symboliclink symlink creation function of the AutoVNF tool in the Cisco Ultra Services Framework, which arises from the program failing t...
Cisco Ultra Services Framework AutoVNF User Credential Information Disclosure Vulnerability
Cisco Ultra Services Framework is an intelligent online service delivery platform from Cisco.AutoVNF tool is one of the virtualized network tools. An information disclosure vulnerability exists in the AutoVNF tool in Cisco Ultra Services Framework versions prior to 5.0.3 and versions prior to 5.1...
Cisco Ultra Services Framework Staging Server Arbitrary Command Execution Vulnerability
Cisco Ultra is the virtual, mobile services platform. A security vulnerability in the AutoIT service of the Cisco Ultra Services Framework Staging Server can be exploited by an unauthenticated, remote attacker to execute arbitrary shell commands as a Linux root user due to a failure to properly...
Cisco Ultra Services Framework Unauthorized Access Vulnerability
Cisco Ultra Services Framework is an intelligent online service delivery platform from Cisco.Ultra Automation Service is one of the automation services. A security vulnerability exists in Cisco Ultra Services Framework for UAS versions prior to 5.0.3 and prior to 5.1. A remote attacker could...
CVE-2017-6709
A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller ESC and Cisco OpenStack deployments in an affected system. The vulnerability exists because the...
CVE-2017-6714
A vulnerability in the AutoIT service of Cisco Ultra Services Framework Staging Server could allow an unauthenticated, remote attacker to execute arbitrary shell commands as the Linux root user. The vulnerability is due to improper shell invocations. An attacker could exploit this vulnerability b...
CVE-2017-6709
A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller ESC and Cisco OpenStack deployments in an affected system. The vulnerability exists because the...
CVE-2017-6708
A vulnerability in the symbolic link symlink creation functionality of the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to read sensitive files or execute malicious code on an affected system. The vulnerability is due to the absence of...
CVE-2017-6711
A vulnerability in the Ultra Automation Service UAS of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device. The vulnerability is due to an insecure default configuration of the Apache ZooKeeper service used by the...
Input validation
A vulnerability in the symbolic link symlink creation functionality of the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to read sensitive files or execute malicious code on an affected system. The vulnerability is due to the absence of...
Code injection
A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller ESC and Cisco OpenStack deployments in an affected system. The vulnerability exists because the...
CVE-2017-6709
A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller ESC and Cisco OpenStack deployments in an affected system. The vulnerability exists because the...
CVE-2017-6714
CVE-2017-6714 affects Cisco Ultra Services Framework Staging Server; the AutoIT service allows an unauthenticated remote attacker to execute arbitrary Linux shell commands as root due to improper shell invocations. Impact is confirmed as remote, unauthenticated arbitrary command execution with ro...