How severe is CVE-2017-6643?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2017-6643?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2017-6643 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Virtual Directory information on an affected system. The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks. Cisco Bug IDs: CSCvc52858.

Related Vulnerabilities

CVE-2007-3650

MEDIUM

CVSS:5.3(Medium)

myWebland myBloggie 2.1.6 allow remote attackers to obtain sensitive information via (1) an invalid year parameter to calendar.php, reached through index.php; (2) a direct request to common.php; and (...

CWE-2002007

CVE-2007-3651

MEDIUM

CVSS:5.3(Medium)

class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote attackers to obtain sensitive information via a '; (quote semicolon) sequence in the id parameter, which reveals the installation...

CWE-2002007

CVE-2010-3673

MEDIUM

CVSS:5.3(Medium)

TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows information disclosure in the mail header of the HTML mailing API.

CWE-2002010

CVE-2011-0736

MEDIUM

CVSS:5.3(Medium)

Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is configured to use a DBMS, allows remote attackers to obtain potentially sensitive information about the database structure via an id=...

CWE-2002011

CVE-2011-0737

MEDIUM

CVSS:5.3(Medium)

Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote attackers to obtain sensitive information via an id=- query to a .cfm file, which reveals the installation path in an error message. NOTE: the ven...

CWE-2002011

CVE-2011-4538

MEDIUM

CVSS:5.3(Medium)

Lexmark X, W, T, E, and C devices before 2012-02-09 allow attackers to obtain sensitive information by reading passwords within exported settings.

CWE-2002011