All the vulnerabilites related to cisco - umbrella_insights_virtual_appliance
Vulnerability from fkie_nvd
Published
2017-11-16 07:29
Modified
2024-11-21 03:09
Severity ?
8.2 (High) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. The vulnerability is due to the presence of default, static user credentials for an affected virtual appliance. An attacker could exploit this vulnerability by using the hypervisor console to connect locally to an affected system and then using the static credentials to log in to an affected virtual appliance. A successful exploit could allow the attacker to log in to the affected appliance with root privileges. Cisco Bug IDs: CSCvg31220.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/101879Third Party Advisory, VDB Entry
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-uvaVendor Advisory
ykramarz@cisco.comhttps://www.info-sec.ca/advisories/Cisco-Umbrella-Hardcoded-Credentials.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/101879Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-uvaVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.info-sec.ca/advisories/Cisco-Umbrella-Hardcoded-Credentials.htmlThird Party Advisory
Impacted products
Vendor Product Version
cisco umbrella_insights_virtual_appliance *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28086565-F8BB-4F22-8FB3-FF36BAD5E598",
              "versionEndIncluding": "2.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. The vulnerability is due to the presence of default, static user credentials for an affected virtual appliance. An attacker could exploit this vulnerability by using the hypervisor console to connect locally to an affected system and then using the static credentials to log in to an affected virtual appliance. A successful exploit could allow the attacker to log in to the affected appliance with root privileges. Cisco Bug IDs: CSCvg31220."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en Cisco Umbrella Insights Virtual Appliances 2.1.0 y anteriores podr\u00eda permitir que un atacante local autenticado inicie sesi\u00f3n en una m\u00e1quina virtual afectada con privilegios root. La vulnerabilidad se debe a la presencia de credenciales est\u00e1ticas de usuario por defecto para una m\u00e1quina virtual afectada. Un atacante podr\u00eda explotar esta vulnerabilidad empleando la consola del hipervisor para conectarse de forma local a un sistema afectado y, a continuaci\u00f3n, empleando las credenciales est\u00e1ticas para iniciar sesi\u00f3n en una m\u00e1quina virtual afectada. Un exploit con \u00e9xito podr\u00eda permitir que el atacante consiga iniciar sesi\u00f3n en el aparato afectado con privilegios root. Cisco Bug IDs: CSCvg31220."
    }
  ],
  "id": "CVE-2017-12350",
  "lastModified": "2024-11-21T03:09:21.610",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-11-16T07:29:01.057",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101879"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-uva"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.info-sec.ca/advisories/Cisco-Umbrella-Hardcoded-Credentials.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101879"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-uva"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.info-sec.ca/advisories/Cisco-Umbrella-Hardcoded-Credentials.html"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2022-11-15 21:15
Modified
2024-11-21 06:43
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Summary
Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition. Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details ["#details"] section of this advisory for more information. Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr
Impacted products
Vendor Product Version
cisco firepower_threat_defense 7.1.0
cisco firepower_threat_defense 7.1.0.1
cisco firepower_threat_defense 7.1.0.2
cisco firepower_threat_defense 7.2.0
cisco firepower_threat_defense 7.2.0.1
cisco umbrella_insights_virtual_appliance 1.5.4
cisco umbrella_insights_virtual_appliance 1.5.5
cisco umbrella_insights_virtual_appliance 1.5.6
cisco umbrella_insights_virtual_appliance 2.0.0
cisco umbrella_insights_virtual_appliance 2.0.2
cisco umbrella_insights_virtual_appliance 2.0.3
cisco umbrella_insights_virtual_appliance 2.1.0
cisco umbrella_insights_virtual_appliance 2.1.2
cisco umbrella_insights_virtual_appliance 2.1.4
cisco umbrella_insights_virtual_appliance 2.1.5
cisco umbrella_insights_virtual_appliance 2.2
cisco umbrella_insights_virtual_appliance 2.2.1
cisco umbrella_insights_virtual_appliance 2.3
cisco umbrella_insights_virtual_appliance 2.3.1
cisco umbrella_insights_virtual_appliance 2.4
cisco umbrella_insights_virtual_appliance 2.4.4
cisco umbrella_insights_virtual_appliance 2.4.6
cisco umbrella_insights_virtual_appliance 2.4.12
cisco umbrella_insights_virtual_appliance 2.5
cisco umbrella_insights_virtual_appliance 2.5.4
cisco umbrella_insights_virtual_appliance 2.5.5
cisco umbrella_insights_virtual_appliance 2.5.6
cisco umbrella_insights_virtual_appliance 2.5.7
cisco umbrella_insights_virtual_appliance 2.6.0
cisco umbrella_insights_virtual_appliance 2.6.1
cisco umbrella_insights_virtual_appliance 2.6.2
cisco umbrella_insights_virtual_appliance 2.7
cisco umbrella_insights_virtual_appliance 2.8
cisco umbrella_insights_virtual_appliance 2.8.9
cisco umbrella_insights_virtual_appliance 3.0
cisco umbrella_insights_virtual_appliance 3.1
cisco umbrella_insights_virtual_appliance 3.2
cisco cyber_vision 3.0.0
cisco cyber_vision 3.0.1
cisco cyber_vision 3.0.2
cisco cyber_vision 3.0.3
cisco cyber_vision 3.0.5
cisco cyber_vision 3.0.6
cisco cyber_vision 3.1.0
cisco cyber_vision 3.1.1
cisco cyber_vision 3.1.2
cisco cyber_vision 3.2.0
cisco cyber_vision 3.2.1
cisco cyber_vision 3.2.2
cisco cyber_vision 3.2.3
cisco cyber_vision 3.2.4
cisco cyber_vision 4.0.0
cisco cyber_vision 4.0.1
cisco cyber_vision 4.0.2
cisco cyber_vision 4.0.3
cisco cyber_vision 4.1.0
cisco cyber_vision 4.1.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:1.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BF90DB2-1A85-476B-81C5-A9D7133ACE2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:1.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7CE4D1A-F06D-4AA3-9F5D-CA11DCE112DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:1.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "04745969-29B7-43CC-B799-79847F8028AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "32270CEC-2E57-4C8D-8739-0BF677C47436",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E575114C-7982-4BEA-8B6E-61E4679A8455",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F49D05BF-F7FA-42CD-BE51-4B6A99668668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDE324B-BD3E-41FF-A759-E7ED9B332642",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A292AECE-11DF-42E6-AB55-EDBFD286A319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F25D8B-0C7D-443C-9AE4-5649DCB3BEC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF21C65F-DDDD-4A8B-96C9-301FEC23EB55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0C6E574-D361-49D6-8074-9502435E47DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4C6BE33-428F-4EBB-99F9-15A49558E736",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "105C6FEC-D61D-468C-BDAE-0D35032A26D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B3EDB7D-CC89-4E33-B4E1-8F9BDB9F4EC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "10A433EB-DDE6-4571-8088-77C45935FA00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C45B094-16C3-4B25-BC08-678B898F4A73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "98550B63-A827-4F56-8E4B-992AFAFAB2EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B14762C-9C78-416B-9880-914470AED73B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CC2B4A5-E58F-4B3C-9934-7965947457E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FD96956-B567-4888-BEBF-1EA95DE0D772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A58E552D-604D-491B-8E05-BB1C821AC92C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE7BEE50-883A-46AE-B499-A54FCF7FD6AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "A11A9E0C-4DB2-46F3-B017-F286A3B50405",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EBD6F19-BAC0-4732-8060-8C1C22F44049",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CA423FC-E0DD-4B64-9E74-3F13D138F204",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CAEC84A-BF83-46C8-A3D1-012CDABFCC1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "41776998-EC81-46F0-B8E4-6D7BCA679656",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1499524B-2443-4B8D-BC14-02437F2E0817",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:2.8.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD5CDF83-C733-418C-86CA-C40EEC02DE24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27FC94A5-4867-4957-A336-5163419A1085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "220C6C11-39BD-4301-B519-1E4C1CAF78B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7BBCF72-1B3A-485A-8B95-8469AAF85B7E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3297323C-B263-45EA-90CE-2B8415C9E498",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "797AD8A4-083B-4A9E-A49D-65EE828E1637",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB16212-A9DC-4C8C-B220-9619C65436EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C64043F-1F0D-47F7-AEEE-309B239891DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1F7F871-C211-4DC6-8020-1075405BAE17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "30E42800-B7C9-4006-8B7A-5A9A5F5EB234",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE33F541-232E-4432-AB41-EC0500A85E6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D5B5FDC-79B2-447E-816F-1F630508A889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B806EAC6-E1B2-40FB-9B2F-6AFB4A16AF89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7BAC55C-C114-4E64-BC9E-9000B8C016CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "925E6B9B-F7F1-4ED8-8431-282A1061B527",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A10EDC3E-0EF6-47DD-834D-51C5BBCC13EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5F799E-6696-4391-9B58-06715FA4086A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE31D26B-CD47-4853-B1C3-2E50B0882AFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758714C-4E9A-4442-9AD1-82D8E43995C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F63C0E4-99A9-4D4F-BCF9-EF5F5455C04C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "13EA024C-97A4-4D33-BC3E-51DB77C51E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2224A9-96D6-4621-B3AD-D5E1C6884937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B27A1F-E66D-4ADE-83B2-6D2457F49CC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50511288-D7A4-4EAE-8238-1E899EF16A9B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device.\r\n\r These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition.\r\n\r Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details [\"#details\"] section of this advisory for more information.\r\n\r Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en el procesador Server Message Block Versi\u00f3n 2 (SMB2) del motor de detecci\u00f3n Snort en m\u00faltiples productos Cisco podr\u00edan permitir que un atacante remoto no autenticado omita las pol\u00edticas configuradas o cause una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) en un dispositivo afectado. Estas vulnerabilidades se deben a una gesti\u00f3n inadecuada de los recursos del sistema cuando el motor de detecci\u00f3n de Snort procesa el tr\u00e1fico SMB2. Un atacante podr\u00eda aprovechar estas vulnerabilidades enviando unalto n\u00famero de ciertos tipos de paquetes SMB2 a trav\u00e9s de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante activar una recarga del proceso Snort, lo que resultar\u00eda en una condici\u00f3n DoS. Nota: Cuando la opci\u00f3n Snort preserve-connection est\u00e1 habilitada para el motor de detecci\u00f3n de Snort, un exploit exitoso tambi\u00e9n podr\u00eda permitir al atacante omitir las pol\u00edticas configuradas y entregar un payload malicioso a la red protegida. La configuraci\u00f3n de preservaci\u00f3n de conexi\u00f3n de Snort est\u00e1 habilitada de forma predeterminada. Consulte la secci\u00f3n Detalles [\"#details\"] de este aviso para obtener m\u00e1s informaci\u00f3n. Nota: S\u00f3lo se ven afectados los productos que tienen Snort 3 configurado. Los productos configurados con Snort 2 no se ven afectados."
    }
  ],
  "id": "CVE-2022-20922",
  "lastModified": "2024-11-21T06:43:49.797",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.5,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-15T21:15:30.743",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-244"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2022-20922
Vulnerability from cvelistv5
Published
2022-11-10 17:37
Modified
2024-08-03 02:31
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Summary
Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition. Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details ["#details"] section of this advisory for more information. Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr
Impacted products
Vendor Product Version
Cisco Cisco Umbrella Insights Virtual Appliance Version: 1.5.4
Version: 1.5.5
Version: 1.5.6
Version: 2.0.0
Version: 2.0.2
Version: 2.0.3
Version: 2.1.0
Version: 2.1.2
Version: 2.1.5
Version: 2.1.4
Version: 2.4.12
Version: 2.4.6
Version: 2.4
Version: 2.4.4
Version: 2.5
Version: 2.5.4
Version: 2.5.5
Version: 2.5.6
Version: 2.5.7
Version: 2.6.0
Version: 2.6.1
Version: 2.6.2
Version: 2.7
Version: 2.8
Version: 2.8.9
Version: 3.0
Version: 3.1
Version: 3.2
Version: 2.3.1
Version: 2.3
Version: 2.2
Version: 2.2.1
Cisco Cisco Cyber Vision Version: 3.0.4
Version: 3.0.0
Version: 3.0.1
Version: 3.0.2
Version: 3.0.3
Version: 3.0.5
Version: 3.0.6
Version: 3.1.0
Version: 3.1.2
Version: 3.1.1
Version: 3.2.3
Version: 3.2.1
Version: 3.2.4
Version: 3.2.0
Version: 3.2.2
Version: 4.0.0
Version: 4.0.1
Version: 4.0.2
Version: 4.0.3
Version: 4.1.0
Version: 4.1.1
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:31:57.388Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-snort-smb-3nfhJtr",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.1.0.1"
            },
            {
              "status": "affected",
              "version": "7.1.0.2"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.0.1"
            }
          ]
        },
        {
          "product": "Cisco Umbrella Insights Virtual Appliance",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "1.5.4"
            },
            {
              "status": "affected",
              "version": "1.5.5"
            },
            {
              "status": "affected",
              "version": "1.5.6"
            },
            {
              "status": "affected",
              "version": "2.0.0"
            },
            {
              "status": "affected",
              "version": "2.0.2"
            },
            {
              "status": "affected",
              "version": "2.0.3"
            },
            {
              "status": "affected",
              "version": "2.1.0"
            },
            {
              "status": "affected",
              "version": "2.1.2"
            },
            {
              "status": "affected",
              "version": "2.1.5"
            },
            {
              "status": "affected",
              "version": "2.1.4"
            },
            {
              "status": "affected",
              "version": "2.4.12"
            },
            {
              "status": "affected",
              "version": "2.4.6"
            },
            {
              "status": "affected",
              "version": "2.4"
            },
            {
              "status": "affected",
              "version": "2.4.4"
            },
            {
              "status": "affected",
              "version": "2.5"
            },
            {
              "status": "affected",
              "version": "2.5.4"
            },
            {
              "status": "affected",
              "version": "2.5.5"
            },
            {
              "status": "affected",
              "version": "2.5.6"
            },
            {
              "status": "affected",
              "version": "2.5.7"
            },
            {
              "status": "affected",
              "version": "2.6.0"
            },
            {
              "status": "affected",
              "version": "2.6.1"
            },
            {
              "status": "affected",
              "version": "2.6.2"
            },
            {
              "status": "affected",
              "version": "2.7"
            },
            {
              "status": "affected",
              "version": "2.8"
            },
            {
              "status": "affected",
              "version": "2.8.9"
            },
            {
              "status": "affected",
              "version": "3.0"
            },
            {
              "status": "affected",
              "version": "3.1"
            },
            {
              "status": "affected",
              "version": "3.2"
            },
            {
              "status": "affected",
              "version": "2.3.1"
            },
            {
              "status": "affected",
              "version": "2.3"
            },
            {
              "status": "affected",
              "version": "2.2"
            },
            {
              "status": "affected",
              "version": "2.2.1"
            }
          ]
        },
        {
          "product": "Cisco Cyber Vision",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "3.0.4"
            },
            {
              "status": "affected",
              "version": "3.0.0"
            },
            {
              "status": "affected",
              "version": "3.0.1"
            },
            {
              "status": "affected",
              "version": "3.0.2"
            },
            {
              "status": "affected",
              "version": "3.0.3"
            },
            {
              "status": "affected",
              "version": "3.0.5"
            },
            {
              "status": "affected",
              "version": "3.0.6"
            },
            {
              "status": "affected",
              "version": "3.1.0"
            },
            {
              "status": "affected",
              "version": "3.1.2"
            },
            {
              "status": "affected",
              "version": "3.1.1"
            },
            {
              "status": "affected",
              "version": "3.2.3"
            },
            {
              "status": "affected",
              "version": "3.2.1"
            },
            {
              "status": "affected",
              "version": "3.2.4"
            },
            {
              "status": "affected",
              "version": "3.2.0"
            },
            {
              "status": "affected",
              "version": "3.2.2"
            },
            {
              "status": "affected",
              "version": "4.0.0"
            },
            {
              "status": "affected",
              "version": "4.0.1"
            },
            {
              "status": "affected",
              "version": "4.0.2"
            },
            {
              "status": "affected",
              "version": "4.0.3"
            },
            {
              "status": "affected",
              "version": "4.1.0"
            },
            {
              "status": "affected",
              "version": "4.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device.\r\n\r These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of certain types of SMB2 packets through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process, resulting in a DoS condition.\r\n\r Note: When the snort preserve-connection option is enabled for the Snort detection engine, a successful exploit could also allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. The snort preserve-connection setting is enabled by default. See the Details [\"#details\"] section of this advisory for more information.\r\n\r Note: Only products that have Snort 3 configured are affected. Products that are configured with Snort 2 are not affected."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-244",
              "description": "Improper Clearing of Heap Memory Before Release (\u0027Heap Inspection\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:13.504Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-snort-smb-3nfhJtr",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr"
        }
      ],
      "source": {
        "advisory": "cisco-sa-snort-smb-3nfhJtr",
        "defects": [
          "CSCwa55404",
          "CSCwb66736",
          "CSCwb87762",
          "CSCwb91454",
          "CSCwc37518",
          "CSCwc37339"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20922",
    "datePublished": "2022-11-10T17:37:12.903Z",
    "dateReserved": "2021-11-02T13:28:29.190Z",
    "dateUpdated": "2024-08-03T02:31:57.388Z",
    "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12350
Vulnerability from cvelistv5
Published
2017-11-16 07:00
Modified
2024-08-05 18:36
Severity ?
Summary
A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. The vulnerability is due to the presence of default, static user credentials for an affected virtual appliance. An attacker could exploit this vulnerability by using the hypervisor console to connect locally to an affected system and then using the static credentials to log in to an affected virtual appliance. A successful exploit could allow the attacker to log in to the affected appliance with root privileges. Cisco Bug IDs: CSCvg31220.
References
https://www.info-sec.ca/advisories/Cisco-Umbrella-Hardcoded-Credentials.htmlx_refsource_MISC
http://www.securityfocus.com/bid/101879vdb-entry, x_refsource_BID
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-uvax_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:36:56.078Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.info-sec.ca/advisories/Cisco-Umbrella-Hardcoded-Credentials.html"
          },
          {
            "name": "101879",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101879"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-uva"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Umbrella Insights Virtual Appliance",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Umbrella Insights Virtual Appliance"
            }
          ]
        }
      ],
      "datePublic": "2017-11-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. The vulnerability is due to the presence of default, static user credentials for an affected virtual appliance. An attacker could exploit this vulnerability by using the hypervisor console to connect locally to an affected system and then using the static credentials to log in to an affected virtual appliance. A successful exploit could allow the attacker to log in to the affected appliance with root privileges. Cisco Bug IDs: CSCvg31220."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-18T10:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.info-sec.ca/advisories/Cisco-Umbrella-Hardcoded-Credentials.html"
        },
        {
          "name": "101879",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101879"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-uva"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-12350",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Umbrella Insights Virtual Appliance",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Umbrella Insights Virtual Appliance"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. The vulnerability is due to the presence of default, static user credentials for an affected virtual appliance. An attacker could exploit this vulnerability by using the hypervisor console to connect locally to an affected system and then using the static credentials to log in to an affected virtual appliance. A successful exploit could allow the attacker to log in to the affected appliance with root privileges. Cisco Bug IDs: CSCvg31220."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-798"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.info-sec.ca/advisories/Cisco-Umbrella-Hardcoded-Credentials.html",
              "refsource": "MISC",
              "url": "https://www.info-sec.ca/advisories/Cisco-Umbrella-Hardcoded-Credentials.html"
            },
            {
              "name": "101879",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101879"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-uva",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-uva"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-12350",
    "datePublished": "2017-11-16T07:00:00",
    "dateReserved": "2017-08-03T00:00:00",
    "dateUpdated": "2024-08-05T18:36:56.078Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}