var-201711-0345
Vulnerability from variot
A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. The vulnerability is due to the presence of default, static user credentials for an affected virtual appliance. An attacker could exploit this vulnerability by using the hypervisor console to connect locally to an affected system and then using the static credentials to log in to an affected virtual appliance. A successful exploit could allow the attacker to log in to the affected appliance with root privileges. Cisco Bug IDs: CSCvg31220. Vendors have confirmed this vulnerability Bug ID CSCvg31220 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. CiscoUmbrellaInsightsVirtualAppliances is a cloud-based secure Internet gateway device from Cisco. Local attackers may exploit this issue to gain elevated privileges.
Timeline
October 10, 2017 - Notified Cisco via psirt@cisco.com October 11, 2017 - Cisco assigned a case number November 8, 2017 - Cisco advised that the issue has been resolved and that a security advisory will be published on November 15, 2017 November 15, 2017 - Cisco published a security advisory to document this issue
Solution
Upgrade to virtual appliance 2.1.2 or later
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-uva
CVE-ID:
CVE-2017-12350
Questions?
https://www.info-sec.ca/contact.html
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0345",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "umbrella insights virtual appliance",
"scope": "lte",
"trust": 1.8,
"vendor": "cisco",
"version": "2.1.0"
},
{
"model": "umbrella insights virtual appliances",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "umbrella insights virtual appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "2.1.0"
},
{
"model": "umbrella insights virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34919"
},
{
"db": "BID",
"id": "101879"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010149"
},
{
"db": "NVD",
"id": "CVE-2017-12350"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-659"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:umbrella_insights_virtual_appliance:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12350"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "David Coomber.",
"sources": [
{
"db": "BID",
"id": "101879"
}
],
"trust": 0.3
},
"cve": "CVE-2017-12350",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-12350",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-34919",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-102864",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-12350",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-12350",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-34919",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-659",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-102864",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34919"
},
{
"db": "VULHUB",
"id": "VHN-102864"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010149"
},
{
"db": "NVD",
"id": "CVE-2017-12350"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-659"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. The vulnerability is due to the presence of default, static user credentials for an affected virtual appliance. An attacker could exploit this vulnerability by using the hypervisor console to connect locally to an affected system and then using the static credentials to log in to an affected virtual appliance. A successful exploit could allow the attacker to log in to the affected appliance with root privileges. Cisco Bug IDs: CSCvg31220. Vendors have confirmed this vulnerability Bug ID CSCvg31220 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. CiscoUmbrellaInsightsVirtualAppliances is a cloud-based secure Internet gateway device from Cisco. \nLocal attackers may exploit this issue to gain elevated privileges. \n\nTimeline\n\nOctober 10, 2017 - Notified Cisco via psirt@cisco.com\nOctober 11, 2017 - Cisco assigned a case number\nNovember 8, 2017 - Cisco advised that the issue has been resolved and that a security advisory will be published on November 15, 2017\nNovember 15, 2017 - Cisco published a security advisory to document this issue\n\nSolution\n\nUpgrade to virtual appliance 2.1.2 or later\n\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-uva\n\nCVE-ID: \n\nCVE-2017-12350\n\nQuestions?\n\nhttps://www.info-sec.ca/contact.html\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12350"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010149"
},
{
"db": "CNVD",
"id": "CNVD-2017-34919"
},
{
"db": "BID",
"id": "101879"
},
{
"db": "VULHUB",
"id": "VHN-102864"
},
{
"db": "PACKETSTORM",
"id": "145032"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12350",
"trust": 3.5
},
{
"db": "BID",
"id": "101879",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010149",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-659",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-34919",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "145032",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-102864",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34919"
},
{
"db": "VULHUB",
"id": "VHN-102864"
},
{
"db": "BID",
"id": "101879"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010149"
},
{
"db": "PACKETSTORM",
"id": "145032"
},
{
"db": "NVD",
"id": "CVE-2017-12350"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-659"
}
]
},
"id": "VAR-201711-0345",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34919"
},
{
"db": "VULHUB",
"id": "VHN-102864"
}
],
"trust": 1.2833333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34919"
}
]
},
"last_update_date": "2023-12-18T12:29:20.210000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20171115-uva",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171115-uva"
},
{
"title": "Patch for Cisco UmbrellaInsightsVirtualAppliances Local Privilege Escalation Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/106628"
},
{
"title": "Cisco Umbrella Insights Virtual Appliances Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=76488"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34919"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010149"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-659"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-102864"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010149"
},
{
"db": "NVD",
"id": "CVE-2017-12350"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171115-uva"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/101879"
},
{
"trust": 1.7,
"url": "https://www.info-sec.ca/advisories/cisco-umbrella-hardcoded-credentials.html"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12350"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12350"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.1,
"url": "https://umbrella.cisco.com/)"
},
{
"trust": 0.1,
"url": "https://www.info-sec.ca/contact.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34919"
},
{
"db": "VULHUB",
"id": "VHN-102864"
},
{
"db": "BID",
"id": "101879"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010149"
},
{
"db": "PACKETSTORM",
"id": "145032"
},
{
"db": "NVD",
"id": "CVE-2017-12350"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-659"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-34919"
},
{
"db": "VULHUB",
"id": "VHN-102864"
},
{
"db": "BID",
"id": "101879"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010149"
},
{
"db": "PACKETSTORM",
"id": "145032"
},
{
"db": "NVD",
"id": "CVE-2017-12350"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-659"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34919"
},
{
"date": "2017-11-16T00:00:00",
"db": "VULHUB",
"id": "VHN-102864"
},
{
"date": "2017-11-15T00:00:00",
"db": "BID",
"id": "101879"
},
{
"date": "2017-12-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010149"
},
{
"date": "2017-11-17T16:23:39",
"db": "PACKETSTORM",
"id": "145032"
},
{
"date": "2017-11-16T07:29:01.057000",
"db": "NVD",
"id": "CVE-2017-12350"
},
{
"date": "2017-11-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-659"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34919"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-102864"
},
{
"date": "2017-12-19T22:00:00",
"db": "BID",
"id": "101879"
},
{
"date": "2017-12-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010149"
},
{
"date": "2019-10-09T23:22:59.810000",
"db": "NVD",
"id": "CVE-2017-12350"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-659"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "101879"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-659"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Umbrella Insights Virtual Appliance Vulnerabilities related to the use of hard-coded credentials",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010149"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-659"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.