CVE-2017-6687
Description
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in to the affected device using default credentials present on the system, aka an Insecure Default Password Vulnerability. More Information: CSCvc76695. Known Affected Releases: 21.0.0.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.767
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cisco Ultra Services Framework Element Manager Insecure Default Password Vulnerability For Cisco Ultra Services Framework | NCM |
| Initialization of a Resource with an Insecure Default Vulnerability (CVE-2017-6687) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1704627 | Security Update for Cisco Ultra Services Framework USP_6.2.A0.2906 |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234