Arbitrary File Download Vulnerability in Cisco Prime Collaboration Provisioning Tool

Arbitrary File Download Vulnerability in Cisco Prime Collaboration Provisioning Tool

CVE-2017-6704 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arbitrary file downloads that could allow the attacker to read files from the underlying filesystem. More Information: CSCvc90335. Known Affected Releases: 12.1.

Learn more about our Cis Benchmark Audit For Cisco.