Medium severity4.3NVD Advisory· Published Aug 17, 2017· Updated May 13, 2026

CVE-2017-6772

Description

A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by authenticating to the application and navigating to certain configuration files. An exploit could allow the attacker to view sensitive system configuration files. Cisco Bug IDs: CSCvd29408. Known Affected Releases: 2.3(2).

Affected products

Cisco Systems, Inc./Elastic Services Controller
cpe:2.3:a:cisco:elastic_services_controller:2.3\(2\):*:*:*:*:*:*:*
Cisco Systems, Inc./Elastic Services Controllerv5
Range: 2.3(2)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/100388nvdThird Party AdvisoryVDB Entry
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc1nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.280
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000