Role-based Access Flaw in Cisco Unified Computing System Director
CVE-2017-3817

4.3MEDIUM

Key Information:

Vendor

Cisco
Status
Cisco Ucs Director
Vendor
CVE Published:
7 April 2017

What is CVE-2017-3817?

A flaw in the role-based resource checking feature of Cisco Unified Computing System (UCS) Director allows an authenticated remote attacker to gain access to unauthorized information regarding any virtual machine within a UCS domain. This vulnerability could lead to exposure of sensitive data and must be addressed promptly to maintain security integrity. Known affected versions include 5.5(0.1) and 6.0(0.0).

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Cisco UCS Director Cisco UCS Director

References

https://tools.cisco.com/security/center/content/CiscoSecu...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1038194
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/97430
vdb-entryx_refsource_BID

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.