CVE-2017-3884
Published Apr 7, 2017
Last updated 5 years ago
Overview
- Description
- A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to access sensitive data. The attacker does not need administrator credentials and could use this information to conduct additional reconnaissance attacks. More Information: CSCvc60031 (Fixed) CSCvc60041 (Fixed) CSCvc60095 (Open) CSCvc60102 (Open). Known Affected Releases: 2.2 2.2(3) 3.0 3.1(0.0) 3.1(0.128) 3.1(4.0) 3.1(5.0) 3.2(0.0) 2.0(4.0.45D).
- Source
- ykramarz@cisco.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-200
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0\\(4.0.45d\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "408D3C56-EB92-4013-860B-C60AF0D03D39"
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "56394A07-6D74-4588-8C05-DE04959F7FC7"
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2\\(3\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9BCDE33-49E9-4B46-AE31-563F3B6434F5"
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "48F3C5A5-6C84-408D-B59A-265F8775C943"
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "27F4F1D6-82DA-4675-B734-D9C5371E6654"
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1\\(0.128\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F9CC0D0-08A5-45A0-BF1C-2D3E32D49B3E"
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1\\(4.0\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7500DF7B-FD3C-49B3-81C7-55E78B83A1C2"
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1\\(5.0\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5A66318-C59B-4D2C-B63E-5B1E3A61E63C"
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2\\(0.0\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "146E4ECF-B903-488C-8644-932FC57F072C"
}
],
"operator": "OR"
}
]
}
]