CVE-2017-6793: Infoleak
First published: Thu Sep 07 2017(Updated: )
A vulnerability in the Inventory Management feature of Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to view sensitive information on the system. The vulnerability is due to insufficient protection of restricted information. An attacker could exploit this vulnerability by accessing unauthorized information via the user interface. Cisco Bug IDs: CSCvd61932.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Prime Collaboration Provisioning |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-6793?
The severity of CVE-2017-6793 is classified as medium, indicating that it could lead to unauthorized access to sensitive information.
How do I fix CVE-2017-6793?
To fix CVE-2017-6793, ensure that you are using the latest version of the Cisco Prime Collaboration Provisioning Tool with all security updates applied.
Who is affected by CVE-2017-6793?
CVE-2017-6793 affects users of the Cisco Prime Collaboration Provisioning Tool utilizing the Inventory Management feature.
Can CVE-2017-6793 be exploited remotely?
Yes, CVE-2017-6793 can be exploited by an authenticated, remote attacker.
What information could be exposed due to CVE-2017-6793?
CVE-2017-6793 could expose restricted information stored within the system due to insufficient protection.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco prime collaboration provisioning