Vulnerabilities > CVE-2017-3817 - Incorrect Authorization vulnerability in Cisco Unified Computing System Director 5.5.0.1/6.0.0.0

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
cisco
CWE-863

Summary

A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in a UCS domain. More Information: CSCvc32434. Known Affected Releases: 5.5(0.1) 6.0(0.0).

Vulnerable Configurations

Part Description Count
Application
Cisco
2

Common Weakness Enumeration (CWE)