CVE-2017-6703
Published Jul 4, 2017
Last updated 7 years ago
Overview
- Description
- A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user's session. More Information: CSCvc90346. Known Affected Releases: 12.1.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 5.9
- Impact score
- 4.2
- Exploitability score
- 1.6
- Vector string
- CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 4.9
- Exploitability score
- 4.9
- Vector string
- AV:N/AC:H/Au:N/C:P/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-287
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:prime_collaboration_provisioning:11.2_base:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "692B0971-C745-47D6-92E3-5361D4108F95"
},
{
"criteria": "cpe:2.3:a:cisco:prime_collaboration_provisioning:11.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "31DC57C2-8870-4663-830F-C6209F47DF06"
},
{
"criteria": "cpe:2.3:a:cisco:prime_collaboration_provisioning:11.6_base:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CFE3B08D-338D-49EF-A76D-599FC36A18F9"
},
{
"criteria": "cpe:2.3:a:cisco:prime_collaboration_provisioning:12.1_base:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DD3A6CED-EBF9-47B1-94F7-7FE63A297418"
}
],
"operator": "OR"
}
]
}
]