CVE-2017-3839 Vulnerability Details

  /     /     /  

CVE-2017-3839 Metadata Quick Info

CVE Published: 22/02/2017 | CVE Updated: 05/08/2024 | CVE Year: 2017
Source: cisco | Vendor: n/a | Product: Cisco Secure Access Control System
Status : PUBLISHED

---

CVE-2017-3839 Description

An XML External Entity vulnerability in the web-based user interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to have read access to part of the information stored in the affected system. More Information: CSCvc04845. Known Affected Releases: 5.8(2.5).

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: XML External Entity Vulnerability
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).