Vulnerability CVE-2017-3871


Published: 2017-03-17   Modified: 2017-03-18

Description:
A RADIUS Secret Disclosure vulnerability in the web network management interface of Cisco Prime Optical for Service Providers could allow an authenticated, remote attacker to disclose sensitive information in the configuration generated for a device. The attacker must have valid credentials for the device. More Information: CSCvc65257. Known Affected Releases: 10.6(0.1).

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4/10
2.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Cisco -> Prime optical 

 References:
http://www.securityfocus.com/bid/96928
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cpo

Copyright 2024, cxsecurity.com

 

Back to Top