cbcvebase.
CVE-2020-3239
published 2020-04-15

CVE-2020-3239: Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication…

PriorityP274high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
73.57%
99.4th percentile
Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Affected

21 ranges
VendorProductVersion rangeFixed in
ciscocisco_ucs_director
ciscoucs_director
ciscoucs_director
ciscoucs_director
ciscoucs_director
ciscoucs_director
ciscoucs_director
ciscoucs_director
ciscoucs_director
ciscoucs_director
ciscoucs_director
ciscoucs_director
ciscoucs_director
ciscoucs_director
ciscoucs_director
ciscoucs_director
ciscoucs_director
ciscoucs_director
ciscoucs_director
ciscoucs_director_and_cisco_ucs_director_express_for_big_data
ciscoucs_director_express_for_big_data<= 3.7.3.0

Detection & IOCsextracted from sources · hover to see the quote

  • Vulnerability class involves REST API authentication bypass and directory traversal attacks against Cisco UCS Director and Cisco UCS Director Express for Big Data
  • Monitor REST API endpoints on Cisco UCS Director for unauthenticated access attempts and path traversal patterns (e.g., '../' sequences) in request URIs
  • ·Multiple CWEs are associated with this CVE: CWE-20 (Improper Input Validation), CWE-22 (Path Traversal), and CWE-264 (Permissions/Privileges/Access Controls). Detection logic should account for all three vulnerability classes in the REST API layer.
  • ·Multiple distinct bug IDs are tracked under this advisory (CSCvs53493, CSCvs53496, CSCvs53500), indicating several separate vulnerability instances within the REST API — patching and detection should address all tracked bugs.

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
vendor_cisco9.8CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.