CVE-2017-6709 : A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attack

A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller (ESC) and Cisco OpenStack deployments in an affected system. The vulnerability exists because the affected software logs administrative credentials in clear text for Cisco ESC and Cisco OpenStack deployment purposes. An attacker could exploit this vulnerability by accessing the AutoVNF URL for the location where the log files are stored and subsequently accessing the administrative credentials that are stored in clear text in those log files. This vulnerability affects all releases of the Cisco Ultra Services Framework prior to Releases 5.0.3 and 5.1. Cisco Bug IDs: CSCvc76659.

Published 2017-07-06 00:29:00

Updated 2019-10-09 23:28:56

Source Cisco Systems, Inc.

View at NVD, CVE.org

Vulnerability category: Information leak

Exploit prediction scoring system (EPSS) score for CVE-2017-6709

Probability of exploitation activity in the next 30 days: 0.39%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 73 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2017-6709

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
9.8	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2017-6709

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: ykramarz@cisco.com (Secondary)
CWE-522 Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Assigned by: nvd@nist.gov (Primary)
CWE-532 Insertion of Sensitive Information into Log File

Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2017-6709

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-usf2

Cisco Ultra Services Framework AutoVNF Log File User Credential Information Disclosure Vulnerability
Vendor Advisory

Products affected by CVE-2017-6709

Cisco » Ultra Services Framework
Versions up to, including, (<=) 5.0.2
cpe:2.3:a:cisco:ultra_services_framework:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2017-6709

Exploit prediction scoring system (EPSS) score for CVE-2017-6709

CVSS scores for CVE-2017-6709

CWE ids for CVE-2017-6709

References for CVE-2017-6709

Products affected by CVE-2017-6709