High severity8.1NVD Advisory· Published Aug 17, 2017· Updated May 13, 2026

CVE-2017-6710

Description

A vulnerability in the Cisco Virtual Network Function (VNF) Element Manager could allow an authenticated, remote attacker to elevate privileges and run commands in the context of the root user on the server. The vulnerability is due to command settings that allow Cisco VNF Element Manager users to specify arbitrary commands that will run as root on the server. An attacker could use this setting to elevate privileges and run commands in the context of the root user on the server. Cisco Bug IDs: CSCvc76670. Known Affected Releases: prior to 5.0.4 and 5.1.4.

Affected products

Cisco Systems, Inc./Virtual Network Function Element Manager
cpe:2.3:a:cisco:virtual_network_function_element_manager:*:*:*:*:*:*:*:*
Range: <=5.1.3
Cisco Systems, Inc./Virtual Network Function (VNF) Element Managerv5
Range: prior to 5.0.4 and 5.1.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/100362nvdThird Party AdvisoryVDB Entry
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-emnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.526
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000