CVE-2017-6779

Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occurs because a certain system log file does not have a maximum size restriction. Therefore, the file is allowed to consume the majority of available disk space on the appliance. An attacker could exploit this vulnerability by sending crafted remote connection requests to the appliance. Successful exploitation could allow the attacker to increase the size of a system log file so that it consumes most of the disk space. The lack of available disk space could lead to a DoS condition in which the application functions could operate abnormally, making the appliance unstable. This vulnerability affects the following Cisco Voice Operating System (VOS)-based products: Emergency Responder, Finesse, Hosted Collaboration Mediation Fulfillment, MediaSense, Prime License Manager, SocialMiner, Unified Communications Manager (UCM), Unified Communications Manager IM and Presence Service (IM&P - earlier releases were known as Cisco Unified Presence), Unified Communication Manager Session Management Edition (SME), Unified Contact Center Express (UCCx), Unified Intelligence Center (UIC), Unity Connection, Virtualized Voice Browser. This vulnerability also affects Prime Collaboration Assurance and Prime Collaboration Provisioning. Cisco Bug IDs: CSCvd10872, CSCvf64322, CSCvf64332, CSCvi29538, CSCvi29543, CSCvi29544, CSCvi29546, CSCvi29556, CSCvi29571, CSCvi31738, CSCvi31741, CSCvi31762, CSCvi31807, CSCvi31818, CSCvi31823.

Published: 2018-06-07; Last update: 2025-07-31; Assigner: [email protected]; Source: [email protected]

Conclusion & alert: CVE-2017-6779 is rated Moderate Risk (58.7/100): CVSS High severity, with medium exploitation likelihood (EPSS 1.98%). Core evidence: EPSS rose +1.42% over the last day, indicating growing attacker interest. Mandatory action: Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2017-6779

EPSS lead: The daily EPSS score estimates the relative likelihood of exploitation; the percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
| --- | --- | --- | --- | --- |
| 1 | 2026-06-15 | 0.57% | 1.98% | +1.42% |
| 2 | 2026-03-17 | 1.27% | 0.57% | -0.71% |
| 3 | 2025-11-21 | | 1.27% | |

Full EPSS history (11 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2017-6779

CVSS metrics for this CVE.

| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
| --- | --- | --- | --- | --- | --- | --- |
| 7.5 | 3.0 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 | [email protected] |
| 7.8 | 2.0 | HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C | 10.0 | 6.9 | [email protected] |

CVSS 3.0 vector (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H):

Attack vector (AV:N): Could be attacked over the internet or any normal routed network, not just someone sitting at the machine.
Attack complexity (AC:L): Once they can reach the bug, pulling it off is straightforward, with no weird race conditions or rare setup.
Privileges required (PR:N): No account or special rights needed; anonymous or random user is enough.
User interaction (UI:N): Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U): Damage stays in the same “trust bubble” as the broken component, with no big spill into unrelated systems.
Confidentiality (C:N): Doesn’t really leak secrets in a meaningful way.
Integrity (I:N): Data isn’t meaningfully altered or forged.
Availability (A:H): Could take the service down hard or make it unusable for people who depend on it.

CVSS 2.0 vector (AV:N/AC:L/Au:N/C:N/I:N/A:C):

Access vector (AV:N): Can be exploited remotely over network reachability.
Access complexity (AC:L): Exploitation conditions are straightforward and predictable.
Authentication (Au:N): No authentication is required.
Confidentiality impact (C:N): No confidentiality impact.
Integrity impact (I:N): No integrity impact.
Availability impact (A:C): Complete availability impact.

Weakness enumeration for CVE-2017-6779

Affected software / configurations for CVE-2017-6779

| Vendor | Product | Version | Raw CPE |
| --- | --- | --- | --- |
| cisco | emergency_responder | >= 10.5, < 10.5\(1a\) | `cpe:2.3:a:cisco:emergency_responder:*:*:*:*:*:*:*:*` |
| cisco | emergency_responder | >= 11.0, < 11.5\(4\) | `cpe:2.3:a:cisco:emergency_responder:*:*:*:*:*:*:*:*` |
| cisco | emergency_responder | >= 12.0, < 12.0su1 | `cpe:2.3:a:cisco:emergency_responder:*:*:*:*:*:*:*:*` |
| cisco | emergency_responder | 11.0\(1.10000.10\) | `cpe:2.3:a:cisco:emergency_responder:11.0\(1.10000.10\):*:*:*:*:*:*:*` |
| cisco | finesse | >= 11.5, < 11.5\(3\) | `cpe:2.3:a:cisco:finesse:*:*:*:*:*:*:*:*` |
| cisco | finesse | 9.5\(1\) | `cpe:2.3:a:cisco:finesse:9.5\(1\):*:*:*:*:*:*:*` |
| cisco | hosted_collaboration_mediation_fulfillment | >= 11.5, < 11.5\(3\) | `cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:*:*:*:*:*:*:*:*` |
| cisco | hosted_collaboration_mediation_fulfillment | 9.5\(1\) | `cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:9.5\(1\):*:*:*:*:*:*:*` |
| cisco | mediasense | >= 11.5, < 11.5su2 | `cpe:2.3:a:cisco:mediasense:*:*:*:*:*:*:*:*` |
| cisco | mediasense | 9.5\(1\) | `cpe:2.3:a:cisco:mediasense:9.5\(1\):*:*:*:*:*:*:*` |
| cisco | prime_collaboration_assurance | >= 11.6, < 11.6_es16 | `cpe:2.3:a:cisco:prime_collaboration_assurance:*:*:*:*:*:*:*:*` |
| cisco | prime_collaboration_assurance | >= 12.1, < 12.1_es2 | `cpe:2.3:a:cisco:prime_collaboration_assurance:*:*:*:*:*:*:*:*` |
| cisco | prime_collaboration_provisioning | 12.5 | `cpe:2.3:a:cisco:prime_collaboration_provisioning:12.5:*:*:*:*:*:*:*` |
| cisco | prime_license_manager | >= 10.5, < 10.5.2 | `cpe:2.3:a:cisco:prime_license_manager:*:*:*:*:*:*:*:*` |
| cisco | prime_license_manager | >= 11.0, < 11.5\(1\)su5 | `cpe:2.3:a:cisco:prime_license_manager:*:*:*:*:*:*:*:*` |
| cisco | socialminer | >= 11.6, < 11.6.1 | `cpe:2.3:a:cisco:socialminer:*:*:*:*:*:*:*:*` |
| cisco | unified_communications_manager | >= 10.0, < 10.5\(2\)su5 | `cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*` |
| cisco | unified_communications_manager | >= 11.0, < 11.0\(1a\)su4 | `cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*` |
| cisco | unified_communications_manager | >= 11.5, < 11.5\(1\)su3 | `cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*` |
| cisco | unified_communications_manager | 10.5\(2.10000.5\) | `cpe:2.3:a:cisco:unified_communications_manager:10.5\(2.10000.5\):*:*:*:*:*:*:*` |
| cisco | unified_communications_manager | 11.0\(1.10000.10\) | `cpe:2.3:a:cisco:unified_communications_manager:11.0\(1.10000.10\):*:*:*:*:*:*:*` |
| cisco | unified_communications_manager | 11.5\(1.10000.6\) | `cpe:2.3:a:cisco:unified_communications_manager:11.5\(1.10000.6\):*:*:*:*:*:*:*` |
| cisco | unified_communications_manager | 12.0 | `cpe:2.3:a:cisco:unified_communications_manager:12.0:*:*:*:*:*:*:*` |
| cisco | unified_contact_center_express | >= 11.6, < 11.6\(1\) | `cpe:2.3:a:cisco:unified_contact_center_express:*:*:*:*:*:*:*:*` |
| cisco | unified_contact_center_express | 9.0\(2\)su1.3 | `cpe:2.3:a:cisco:unified_contact_center_express:9.0\(2\)su1.3:*:*:*:*:*:*:*` |
| cisco | unified_intelligence_center | >= 11.6, < 11.6\(1\) | `cpe:2.3:a:cisco:unified_intelligence_center:*:*:*:*:*:*:*:*` |
| cisco | unified_intelligence_center | 9.5\(1\) | `cpe:2.3:a:cisco:unified_intelligence_center:9.5\(1\):*:*:*:*:*:*:*` |
| cisco | unity_connection | >= 10.5, < 10.5su5 | `cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*` |
| cisco | unity_connection | >= 11.0, < 11.5.1su3 | `cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*` |
| cisco | unity_connection | 9.5\(0.9\)tt0 | `cpe:2.3:a:cisco:unity_connection:9.5\(0.9\)tt0:*:*:*:*:*:*:*` |
| cisco | unity_connection | 12.0 | `cpe:2.3:a:cisco:unity_connection:12.0:*:*:*:*:*:*:*` |
| cisco | virtualized_voice_browser | >= 11.6, < 11.6\(1\) | `cpe:2.3:a:cisco:virtualized_voice_browser:*:*:*:*:*:*:*:*` |

References for CVE-2017-6779
