CVE-2017-6782

medium

Cisco

CVSS v3 Base Score

5.4

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS Score

0.2%

Exploitation probability in 30 days

Top 54% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Confidentiality

Low

Integrity

Low

Availability

None

Published: August 17, 2017 (3191 days ago)

Last Modified: May 13, 2026

Vendor: Cisco

Source: NVD

Description

A vulnerability in the administrative web interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to modify a page in the web interface of the affected application. The vulnerability is due to improper sanitization of parameter values by the affected application. An attacker could exploit this vulnerability by injecting malicious code into an affected parameter and persuading a user to access a web page that triggers the rendering of the injected code. Cisco Bug IDs: CSCve47074. Known Affected Releases: 3.2(0.0).

CWE

CWE-94

Affected Products

cisco prime infrastructure

References

🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 tools.cisco.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com

CVE-2017-6782

Vulnerability Report

Description

CWE

Affected Products

References