CVE-2017-3801
published 2017-02-15CVE-2017-3801: A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and 6.0.0.1 could allow an authenticated, local attacker to execute arbitrary workflow items…
PriorityP346high8.8CVSS 3.0
AVLACLPRLUINSCCHIHAH
EPSS
0.33%
25.1th percentile
A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and 6.0.0.1 could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile, a Privilege Escalation Vulnerability. The vulnerability is due to improper role-based access control (RBAC) after the Developer Menu is enabled in Cisco UCS Director. An attacker could exploit this vulnerability by enabling Developer Mode for his/her user profile with an end-user profile and then adding new catalogs with arbitrary workflow items to his/her profile. An exploit could allow an attacker to perform any actions defined by these workflow items, including actions affecting other tenants. Cisco Bug IDs: CSCvb64765.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | ucs_director | — | — |
| cisco | unified_computing_system_director | — | — |
| cisco | unified_computing_system_director | — | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
vendor_cisco9.9CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Cisco
Cisco UCS Director Privilege Escalation Vulnerability
vendor_cisco·2017-02-15·CVSS 9.9
CVE-2017-3801 [CRITICAL] CWE-264 Cisco UCS Director Privilege Escalation Vulnerability
Cisco UCS Director Privilege Escalation Vulnerability
A vulnerability in the web-based GUI of Cisco UCS Director could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile.
The vulnerability is due to improper role-based access control (RBAC) after the Developer Menu is enabled in Cisco UCS Director. An attacker could exploit this vulnerability by enabling Developer Mode for his/her user profile with an end-user profile and then adding new catalogs with arbitrary workflow items to his/her profile. An exploit could allow an attacker to perform any actions defined by these workflow items, including actions affecting other tenants.
Cisco has released software updates that address this vulnerability. There are no workarounds that address t
Cisco
Cisco UCS Director Privilege Escalation Vulnerability
vendor_cisco·CVSS 3.0
CVE-2017-3801 Cisco UCS Director Privilege Escalation Vulnerability
CVE-2017-3801: Cisco UCS Director Privilege Escalation Vulnerability
A vulnerability in the web-based GUI of Cisco UCS Director could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile. The vulnerability is due to improper role-based access control (RBAC) after the Developer Menu is enabled in Cisco UCS Director. An attacker could exploit this vulnerability by enabling Developer Mode for his/her user profile with an end-user profile and then adding new catalogs with arbitrary workflow items to his/her profile. An exploit could allow an attacker to perform any actions defined by these workflow items, including actions affecting other tenants. Cisco has released software updates that address this vulnerability. There are no
CVSS: 3.0
CWE:
GHSA
GHSA-f4q6-c8q7-9mcw: A vulnerability in the web-based GUI of Cisco UCS Director 6
ghsa_unreviewed·2022-05-13
CVE-2017-3801 [HIGH] CWE-863 GHSA-f4q6-c8q7-9mcw: A vulnerability in the web-based GUI of Cisco UCS Director 6
A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and 6.0.0.1 could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile, a Privilege Escalation Vulnerability. The vulnerability is due to improper role-based access control (RBAC) after the Developer Menu is enabled in Cisco UCS Director. An attacker could exploit this vulnerability by enabling Developer Mode for his/her user profile with an end-user profile and then adding new catalogs with arbitrary workflow items to his/her profile. An exploit could allow an attacker to perform any actions defined by these workflow items, including actions affecting other tenants. Cisco Bug IDs: CSCvb64765.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/96235http://www.securitytracker.com/id/1037830https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-ucshttp://www.securityfocus.com/bid/96235http://www.securitytracker.com/id/1037830https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-ucs
2017-02-15
Published