Vulnerability Details : CVE-2017-6629
A vulnerability in the ImageID parameter of Cisco Unity Connection 10.5(2) could allow an unauthenticated, remote attacker to access files in arbitrary locations on the filesystem of an affected device. The issue is due to improper sanitization of user-supplied input in HTTP POST parameters that describe filenames. An attacker could exploit this vulnerability by using directory traversal techniques to submit a path to a desired file location. Cisco Bug IDs: CSCvd90118.
Vulnerability category: Directory traversal
Products affected by CVE-2017-6629
- cpe:2.3:a:cisco:unity_connection:10.5\(2\):*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-6629
0.20%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 57 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-6629
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
5.3
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
3.9
|
1.4
|
NIST |
CWE ids for CVE-2017-6629
-
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.Assigned by:
- nvd@nist.gov (Primary)
- ykramarz@cisco.com (Secondary)
References for CVE-2017-6629
-
http://www.securityfocus.com/bid/98286
Cisco Unity Connection CVE-2017-6629 Unauthorized Access VulnerabilityBroken Link
-
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cuc
Cisco Unity Connection ImageID Parameter Unauthorized Access VulnerabilityVendor Advisory
-
http://www.securitytracker.com/id/1038400
Cisco Unity Connection ImageID Parameter Validation Flaw Lets Remote Users Obtain Files on the Target System - SecurityTracker
Jump to