Medium severity4.9NVD Advisory· Published Aug 17, 2017· Updated May 13, 2026

CVE-2017-6777

Description

A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to acquire sensitive system information. The vulnerability is due to insufficient protection of sensitive files on the system. An attacker could exploit this vulnerability by logging into the ConfD server and executing certain commands. An exploit could allow an unprivileged user to view configuration parameters that can be maliciously used. Cisco Bug IDs: CSCvd76409. Known Affected Releases: 2.3, 2.3(2).

Affected products

Cisco Systems, Inc./Elastic Services Controller2 versions
cpe:2.3:a:cisco:elastic_services_controller:2.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cisco:elastic_services_controller:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:elastic_services_controller:2.3\(2\):*:*:*:*:*:*:*
Cisco Systems, Inc./Elastic Services Controllerv5
Range: 2.3, 2.3(2)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/100390nvdThird Party AdvisoryVDB Entry
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc3nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.319
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000