CVE-2017-12251
published 2017-10-19CVE-2017-12251: A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote attacker to interact maliciously with…
PriorityP264critical9.9CVSS 3.0
AVNACLPRLUINSCCHIHAH
EPSS
2.16%
79.9th percentile
A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote attacker to interact maliciously with the services or virtual machines (VMs) operating remotely on an affected CSP device. The vulnerability is due to weaknesses in the generation of certain authentication mechanisms in the URL of the web console. An attacker could exploit this vulnerability by browsing to one of the hosted VMs' URLs in Cisco CSP and viewing specific patterns that control the web application's mechanisms for authentication control. An exploit could allow the attacker to access a specific VM on the CSP, which causes a complete loss of the system's confidentiality, integrity, and availability. This vulnerability affects Cisco Cloud Services Platform (CSP) 2100 running software release 2.1.0, 2.1.1, 2.1.2, 2.2.0, 2.2.1, or 2.2.2. Cisco Bug IDs: CSCve64690.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cloud_services_platform_2100 | — | — |
| cisco | cloud_services_platform_2100 | — | — |
| cisco | cloud_services_platform_2100 | — | — |
| cisco | cloud_services_platform_2100 | — | — |
| cisco | cloud_services_platform_2100 | — | — |
| cisco | cloud_services_platform_2100 | — | — |
| cisco | cloud_services_platform_2100_unauthorized_access | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Exploit involves browsing to hosted VM URLs on Cisco CSP 2100 web console and observing specific URL patterns that control authentication mechanisms — monitor for authenticated users accessing unusual VM URLs with authentication token/pattern enumeration behavior. ↗
- →Scope detection to Cisco CSP 2100 devices running software releases 2.1.0, 2.1.1, 2.1.2, 2.2.0, 2.2.1, or 2.2.2 — these are the confirmed vulnerable versions. ↗
- ·The vulnerability requires the attacker to already be authenticated — this is not an unauthenticated pre-auth exploit; detection should focus on authenticated sessions exhibiting abnormal VM URL access patterns. ↗
- ·No workarounds exist for this vulnerability; patching to a fixed software release is the only mitigation. ↗
- ·Cisco Bug ID CSCve64690 can be used to track patch status and vendor communications for this specific vulnerability. ↗
CVSS provenance
nvdv3.09.9CRITICALCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
vendor_cisco9.9CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Cisco
Cisco Cloud Services Platform 2100 Unauthorized Access Vulnerability
vendor_cisco·2017-10-18·CVSS 9.9
CVE-2017-12251 [CRITICAL] CWE-264 Cisco Cloud Services Platform 2100 Unauthorized Access Vulnerability
Cisco Cloud Services Platform 2100 Unauthorized Access Vulnerability
A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote attacker to interact maliciously with the services or virtual machines (VMs) operating remotely on an affected CSP device.The vulnerability is due to weaknesses in the generation of certain authentication mechanisms in the URL of the web console. An attacker could exploit this vulnerability by browsing to one of the hosted VMs' URLs in Cisco CSP and viewing specific patterns that control the web application's mechanisms for authentication control. An exploit could allow the attacker to access a specific VM on the CSP, which causes a complete loss of the system's confidentiality, integrity, and availabi
Cisco
Cisco Cloud Services Platform 2100 Unauthorized Access Vulnerability
vendor_cisco·CVSS 3.0
CVE-2017-12251 Cisco Cloud Services Platform 2100 Unauthorized Access Vulnerability
CVE-2017-12251: Cisco Cloud Services Platform 2100 Unauthorized Access Vulnerability
A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote attacker to interact maliciously with the services or virtual machines (VMs) operating remotely on an affected CSP device. The vulnerability is due to weaknesses in the generation of certain authentication mechanisms in the URL of the web console. An attacker could exploit this vulnerability by browsing to one of the hosted VMs' URLs in Cisco CSP and viewing specific patterns that control the web application's mechanisms for authentication control. An exploit could allow the attacker to access a specific VM on the CSP, which causes a complete loss of the system's confidentiality, integrit
GHSA
GHSA-hcjw-jp4m-2qjx: A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote attacker to interact malicious
ghsa_unreviewed·2022-05-13
CVE-2017-12251 [CRITICAL] CWE-287 GHSA-hcjw-jp4m-2qjx: A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote attacker to interact malicious
A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote attacker to interact maliciously with the services or virtual machines (VMs) operating remotely on an affected CSP device. The vulnerability is due to weaknesses in the generation of certain authentication mechanisms in the URL of the web console. An attacker could exploit this vulnerability by browsing to one of the hosted VMs' URLs in Cisco CSP and viewing specific patterns that control the web application's mechanisms for authentication control. An exploit could allow the attacker to access a specific VM on the CSP, which causes a complete loss of the system's confidentiality, integrity, and availability. This vulnerability affects Cisco Cloud Services Platform (CSP) 2
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/101487http://www.securitytracker.com/id/1039613https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-ccshttp://www.securityfocus.com/bid/101487http://www.securitytracker.com/id/1039613https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-ccs
2017-10-19
Published