CVE-2017-6667 Vulnerability Details

  /     /     /  

CVE-2017-6667 Metadata Quick Info

CVE Published: 13/06/2017 | CVE Updated: 05/08/2024 | CVE Year: 2017
Source: cisco | Vendor: n/a | Product: Cisco Context Service SDK
Status : PUBLISHED

---

CVE-2017-6667 Description

A vulnerability in the update process for the dynamic JAR file of the Cisco Context Service software development kit (SDK) could allow an unauthenticated, remote attacker to execute arbitrary code on the affected device with the privileges of the web server. More Information: CSCvb66730. Known Affected Releases: 2.0.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Arbitrary Code Execution Vulnerability
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).