Medium severity6.5NVD Advisory· Published Aug 7, 2017· Updated May 13, 2026

CVE-2017-6759

Description

A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool 12.1 could allow an authenticated, remote attacker to write arbitrary files as root on the system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by triggering the upgrade package installation functionality. Cisco Bug IDs: CSCvc90304.

Affected products

Cisco Systems, Inc./Prime Collaboration Provisioning
cpe:2.3:a:cisco:prime_collaboration_provisioning:12.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securitytracker.com/id/1039062nvdThird Party AdvisoryVDB Entry
quickview.cloudapps.cisco.com/quickview/bug/CSCvc90304nvdVendor Advisory
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-pcptnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000