Skip to main content

Ultra Services Framework

6 CVEs product

Monthly

CVE-2017-6771 HIGH This Week

A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Ultra Services Framework
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-6711 CRITICAL Act Now

A vulnerability in the Ultra Automation Service (UAS) of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Apache Ultra Services Framework
NVD
CVSS 3.0
9.1
EPSS
0.4%
CVE-2017-6709 CRITICAL Act Now

A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Elastic Information Disclosure Ultra Services Framework
NVD
CVSS 3.0
9.8
EPSS
0.5%
CVE-2017-6708 CRITICAL Act Now

A vulnerability in the symbolic link (symlink) creation functionality of the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to read sensitive. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Ultra Services Framework
NVD
CVSS 3.0
9.8
EPSS
0.6%
CVE-2017-6681 HIGH This Week

A vulnerability in the AutoVNF VNFStagingView class of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to execute a relative path traversal attack, enabling an attacker. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Cisco Ultra Services Framework
NVD
CVSS 3.0
7.5
EPSS
3.1%
CVE-2017-6680 HIGH This Week

A vulnerability in the AutoVNF logging function of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to create arbitrary directories on the affected system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Ultra Services Framework
NVD
CVSS 3.0
7.5
EPSS
0.3%
EPSS 0% CVSS 7.5
HIGH This Week

A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Ultra Services Framework
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

A vulnerability in the Ultra Automation Service (UAS) of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Apache +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Elastic Information Disclosure +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A vulnerability in the symbolic link (symlink) creation functionality of the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to read sensitive. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Ultra Services Framework
NVD
EPSS 3% CVSS 7.5
HIGH This Week

A vulnerability in the AutoVNF VNFStagingView class of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to execute a relative path traversal attack, enabling an attacker. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Cisco Ultra Services Framework
NVD
EPSS 0% CVSS 7.5
HIGH This Week

A vulnerability in the AutoVNF logging function of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to create arbitrary directories on the affected system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Ultra Services Framework
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy