Vulnerabilities > CVE-2017-3817 - Incorrect Authorization vulnerability in Cisco Unified Computing System Director 5.5.0.1/6.0.0.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in a UCS domain. More Information: CSCvc32434. Known Affected Releases: 5.5(0.1) 6.0(0.0).
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Common Weakness Enumeration (CWE)
References
- http://www.securityfocus.com/bid/97430
- http://www.securityfocus.com/bid/97430
- http://www.securitytracker.com/id/1038194
- http://www.securitytracker.com/id/1038194
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-ucs-director
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-ucs-director