How severe is CVE-2017-6786?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2017-6786?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2017-6786 - MEDIUM Severity | CVSS 6.3

Vulnerability Description

A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including credentials for system accounts, on an affected system. The vulnerability is due to improper protection of sensitive log files. An attacker could exploit this vulnerability by logging in to an affected system and accessing unprotected log files. A successful exploit could allow the attacker to access sensitive log files, which may include system credentials, on the affected system. Cisco Bug IDs: CSCvc76616. Known Affected Releases: 2.2(9.76).

Related Vulnerabilities

CVE-2015-6918

MEDIUM

CVSS:6.3(Medium)

salt before 2015.5.5 leaks git usernames and passwords to the log.

CWE-2002015

CVE-2016-0899

MEDIUM

CVSS:6.3(Medium)

EMC RSA Archer GRC 5.5.x before 5.5.3.4 allows remote authenticated users to read the web.config.bak file, and obtain sensitive credential information, by modifying the IIS configuration to set a Cont...

CWE-2002016

CVE-2018-18073

MEDIUM

CVSS:6.3(Medium)

Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.

CWE-2002018

CVE-2019-4140

MEDIUM

CVSS:6.3(Medium)

IBM Tivoli Storage Manager Server (IBM Spectrum Protect 7.1 and 8.1) could allow a local user to replace existing databases by restoring old data. IBM X-Force ID: 158336.

CWE-2002019

CVE-2020-10195

MEDIUM

CVSS:6.3(Medium)

The popup-builder plugin before 3.64.1 for WordPress allows information disclosure and settings modification, leading to in-scope privilege escalation via admin-post actions to com/classes/Actions.php...

CWE-2002020

CVE-2020-25836

MEDIUM

CVSS:6.3(Medium)

Exposure of Sensitive Information to an Unauthorized Access vulnerability in OpenText NetIQ Directory and Resource Administrator. This issue affects NetIQ Directory and Resource Administrator versions...

CWE-2002020