Medium severity6.5NVD Advisory· Published Aug 7, 2017· Updated May 13, 2026

CVE-2017-6758

Description

A vulnerability in the web framework of Cisco Unified Communications Manager 11.5(1.10000.6) could allow an authenticated, remote attacker to access arbitrary files in the context of the web root directory structure on an affected device. The vulnerability is due to insufficient input validation by the affected software. An attacker could exploit this vulnerability by using directory traversal techniques to read files in the web root directory structure on the Cisco Unified Communications Manager filesystem. Cisco Bug IDs: CSCve13796.

Affected products

Cisco Systems, Inc./Unified Communications Manager
cpe:2.3:a:cisco:unified_communications_manager:11.5\(1.10000.6\):*:*:*:*:*:*:*
N/a/Cisco Unified Communications Managerv5
Range: Cisco Unified Communications Manager

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/100119nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1039064nvdThird Party AdvisoryVDB Entry
quickview.cloudapps.cisco.com/quickview/bug/CSCve13796nvdVendor Advisory
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ucm1nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000