nvd-json-data-feeds/CVE-2017/CVE-2017-67xx/CVE-2017-6793.json

{
  "id": "CVE-2017-6793",
  "sourceIdentifier": "ykramarz@cisco.com",
  "published": "2017-09-07T21:29:00.880",
  "lastModified": "2019-10-09T23:29:17.903",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Inventory Management feature of Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to view sensitive information on the system. The vulnerability is due to insufficient protection of restricted information. An attacker could exploit this vulnerability by accessing unauthorized information via the user interface. Cisco Bug IDs: CSCvd61932."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la caracter\u00edstica de gesti\u00f3n de inventario en Cisco Prime Collaboration Provisioning Tool podr\u00eda permitir que un atacante remoto autenticado vea informaci\u00f3n sensible en el sistema. Esta vulnerabilidad se debe a una protecci\u00f3n de informaci\u00f3n restringida insuficiente. Un atacante podr\u00eda explotar esta vulnerabilidad accediendo a informaci\u00f3n sin autorizaci\u00f3n mediante la interfaz de usuario. Cisco Bug IDs: CSCvd61932."
    }
  ],
  "metrics": {
    "cvssMetricV30": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "SINGLE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ]
    },
    {
      "source": "ykramarz@cisco.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:cisco:prime_collaboration_provisioning:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DC0B9B9-C678-450E-9238-EECDD20EAB88"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.securitytracker.com/id/1039280",
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ]
    },
    {
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-pcpt1",
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}