CVE-2017-6772

CVE Database · CVE-2017-6772

CVE-2017-6772

· N/AModified

CVSS v3.1

N/A

EPSS

0.94%

Published

Aug 17, 2017

Modified

May 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by authenticating to the application and navigating to certain configuration files. An exploit could allow the attacker to view sensitive system configuration files. Cisco Bug IDs: CSCvd29408. Known Affected Releases: 2.3(2).

Weaknesses (CWE)

CWE-200

Affected Products (1)

cisco · elastic_services_controllervulnerable

References (4)

http://www.securityfocus.com/bid/100388

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc1

Vendor Advisory

http://www.securityfocus.com/bid/100388

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc1

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs