NVD disclosure day

Published threat advisories for August 7, 2017

CVE advisoryKnown Exploit

CVE-2017-12637

SAP NetWeaver Unauthorized File Access Advisory

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A directory traversal vulnerability in SAP NetWeaver Application Server Java enables remote attackers to read arbitrary files, posing a business risk of unauthorized access to sensitive information. Attackers can exploit this by sending a crafted query string to the affected component.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2017-6663

Cisco IOS/XE Autonomic Networking Denial-of-Service Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Cisco IOS and IOS XE Software's Autonomic Networking feature could allow an adjacent attacker to cause affected nodes to reload, disrupting network services. This impacts organizations using these Cisco software versions, as it can lead to denial of service for autonomic nodes.

NVD published: • CISA KEV