CVE-2018-0238

Summary
  • Severity Score: 9.9 (CVSS v3)
  • Exploit Likelihood: - (EPSS)
  • Affected Versions: - (CPE)
  • Public Exploits: 0 (Multiple Sources)
  • Exploited in Wild: - (KEV)
  • Decision: - (SSVC)
Descriptions

A vulnerability in the role-based resource checking functionality of the Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in the UCS Director end-user portal and perform any permitted operations on any virtual machine. The permitted operations can be configured for the end user on the virtual machines with either of the following settings:
  • The virtual machine is associated to a Virtual Data Center (VDC) that has an end user self-service policy attached to the VDC.
  • The end user role has VM Management Actions settings configured under User Permissions. This is a global configuration, so all the virtual machines visible in the end-user portal will have the VM management actions available.
The vulnerability is due to improper user authentication checks. An attacker could exploit this vulnerability by logging in to the UCS Director with a modified username and valid password. A successful exploit could allow the attacker to gain visibility into and perform actions against all virtual machines in the UCS Director end-user portal of the affected system. This vulnerability affects Cisco Unified Computing System (UCS) Director releases 6.0 and 6.5 prior to patch 3 that are in a default configuration. Cisco Bug IDs: CSCvh53501.


*Credits: N/A
CVSS Scores
CVSS v3
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Changed
  • Confidentiality: High
  • Integrity: High
  • Availability: High
CVSS v2
  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: Single
  • Confidentiality: Complete
  • Integrity: Complete
  • Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2017-11-27 CVE Reserved
  • 2018-04-19 CVE Published
  • 2024-06-14 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-287: Improper Authentication
CAPEC
Affected Vendors, Products, and Versions
Vendor   Product                              Version    Other   Status
Cisco    Unified Computing System Director    6.5(0.0)   -       Affected
Cisco    Unified Computing System Director    6.5(0.1)   -       Affected