How severe is CVE-2017-6758?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2017-6758?

This is classified as CWE-22, which is a common weakness in software security.

CVE-2017-6758 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

A vulnerability in the web framework of Cisco Unified Communications Manager 11.5(1.10000.6) could allow an authenticated, remote attacker to access arbitrary files in the context of the web root directory structure on an affected device. The vulnerability is due to insufficient input validation by the affected software. An attacker could exploit this vulnerability by using directory traversal techniques to read files in the web root directory structure on the Cisco Unified Communications Manager filesystem. Cisco Bug IDs: CSCve13796.

Related Vulnerabilities

CVE-2009-4053

MEDIUM

CVSS:6.5(Medium)

Multiple directory traversal vulnerabilities in Home FTP Server 1.10.1.139 allow remote authenticated users to (1) create arbitrary directories via directory traversal sequences in an MKD command or (...

CWE-222009

CVE-2009-4449

MEDIUM

CVSS:6.5(Medium)

Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.4.10, and possibly earlier versions, when changing the user avatar from the gallery, allows remote authenticated users to determine th...

CWE-222009

CVE-2011-4350

MEDIUM

CVSS:6.5(Medium)

Yaws 1.91 has a directory traversal vulnerability in the way certain URLs are processed. A remote authenticated user could use this flaw to obtain content of arbitrary local files via specially-crafte...

CWE-222011

CVE-2013-1597

MEDIUM

CVSS:6.5(Medium)

A Directory Traversal vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via a specially crafted GET request, which could let a malicious user obtain user credentials.

CWE-222013

CVE-2013-1891

MEDIUM

CVSS:6.5(Medium)

In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed.

CWE-222013

CVE-2013-3993

MEDIUM

CVSS:6.5(Medium)

IBM InfoSphere BigInsights before 2.1.0.3 allows remote authenticated users to bypass intended file and directory restrictions, or access untrusted data or code, via crafted parameters in unspecified ...

CWE-222013