Arbitrary Code Execution Vulnerability in Cisco Context Service SDK

Arbitrary Code Execution Vulnerability in Cisco Context Service SDK

CVE-2017-6667 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

A vulnerability in the update process for the dynamic JAR file of the Cisco Context Service software development kit (SDK) could allow an unauthenticated, remote attacker to execute arbitrary code on the affected device with the privileges of the web server. More Information: CSCvb66730. Known Affected Releases: 2.0.

Learn more about our Cis Benchmark Audit For Cisco.