CVE-2017-6771

CVE Database · CVE-2017-6771

CVE-2017-6771

· N/AModified

CVSS v3.1

N/A

EPSS

1.71%

Published

Aug 17, 2017

Modified

May 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by browsing to a specific URL of an affected device. An exploit could allow the attacker to view sensitive configuration information about the deployment. Cisco Bug IDs: CSCvd29358. Known Affected Releases: 21.0.v0.65839.

Weaknesses (CWE)

CWE-200

Affected Products (1)

cisco · ultra_services_frameworkvulnerable

References (4)

http://www.securityfocus.com/bid/100385

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-usf

Vendor Advisory

http://www.securityfocus.com/bid/100385

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-usf

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs