How severe is CVE-2017-6777?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.9 out of 10.

What type of vulnerability is CVE-2017-6777?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2017-6777 - MEDIUM Severity | CVSS 4.9

Vulnerability Description

A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to acquire sensitive system information. The vulnerability is due to insufficient protection of sensitive files on the system. An attacker could exploit this vulnerability by logging into the ConfD server and executing certain commands. An exploit could allow an unprivileged user to view configuration parameters that can be maliciously used. Cisco Bug IDs: CSCvd76409. Known Affected Releases: 2.3, 2.3(2).

Related Vulnerabilities

CVE-2012-4382

MEDIUM

CVSS:4.9(Medium)

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not properly protect user block metadata, which allows remote administrators to read a user block reason via a reblock attempt.

CWE-2002012

CVE-2013-0192

MEDIUM

CVSS:4.9(Medium)

File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the database config.

CWE-2002013

CVE-2015-3251

MEDIUM

CVSS:4.9(Medium)

Apache CloudStack before 4.5.2 might allow remote authenticated administrators to obtain sensitive password information for root accounts of virtual machines via unspecified vectors related to API cal...

CWE-2002015

CVE-2016-0225

MEDIUM

CVSS:4.9(Medium)

IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.9 allows remote authenticated Commerce Accelerator administrators to obtain sensitive information via unspecified vectors.

CWE-2002016

CVE-2016-10740

MEDIUM

CVSS:4.9(Medium)

Various resources in Atlassian Crowd before version 2.10.1 allow remote attackers with administration rights to learn the passwords of configured LDAP directories by examining the responses to request...

CWE-2002016

CVE-2016-1497

MEDIUM

CVSS:4.9(Medium)

The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows...

CWE-2002016