CVE-2017-6759 - AskarLabs CVE Database

CVE-2017-6759

Vendor N/A

Product Cisco Prime Collaboration Provisioning Tool

Weakness CWE-20 · Input validation

Published August 7, 2017

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool 12.1 could allow an authenticated, remote attacker to write arbitrary files as root on the system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by triggering the upgrade package installation functionality. Cisco Bug IDs: CSCvc90304.

Key dates

02Disclosure timeline

August 7, 2017 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2017-6759

Related vulnerabilities

04Related CVE

CVE-2023-25692 Apache Airflow Google Provider: Google Cloud Sql Provider Denial Of Service CVE-2018-15411 Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities CVE-2023-6381 Improper input validation in Newsletter Software SuperMailer CVE-2021-44363 CVE-2024-22117 Value of sysmap_element_url can be de-synchronized causing the map element to crash when new URLs is added