Details of VAR-201711-0345

ID

VAR-201711-0345

CVE

CVE-2017-12350

TITLE

Cisco Umbrella Insights Virtual Appliance Vulnerabilities related to the use of hard-coded credentials

Trust: 0.8

sources: JVNDB: JVNDB-2017-010149

DESCRIPTION

A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. The vulnerability is due to the presence of default, static user credentials for an affected virtual appliance. An attacker could exploit this vulnerability by using the hypervisor console to connect locally to an affected system and then using the static credentials to log in to an affected virtual appliance. A successful exploit could allow the attacker to log in to the affected appliance with root privileges. Cisco Bug IDs: CSCvg31220. Vendors have confirmed this vulnerability Bug ID CSCvg31220 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. CiscoUmbrellaInsightsVirtualAppliances is a cloud-based secure Internet gateway device from Cisco. Local attackers may exploit this issue to gain elevated privileges. Timeline October 10, 2017 - Notified Cisco via psirt@cisco.com October 11, 2017 - Cisco assigned a case number November 8, 2017 - Cisco advised that the issue has been resolved and that a security advisory will be published on November 15, 2017 November 15, 2017 - Cisco published a security advisory to document this issue Solution Upgrade to virtual appliance 2.1.2 or later https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-uva CVE-ID: CVE-2017-12350 Questions? https://www.info-sec.ca/contact.html

Trust: 2.61

sources: NVD: CVE-2017-12350 // JVNDB: JVNDB-2017-010149 // CNVD: CNVD-2017-34919 // BID: 101879 // VULHUB: VHN-102864 // PACKETSTORM: 145032

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-34919

AFFECTED PRODUCTS

vendor:	cisco	model:	umbrella insights virtual appliance	scope:	lte	version:	2.1.0	Trust: 1.8
vendor:	cisco	model:	umbrella insights virtual appliances	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	umbrella insights virtual appliance	scope:	eq	version:	2.1.0	Trust: 0.6
vendor:	cisco	model:	umbrella insights virtual appliance	scope:	eq	version:	0	Trust: 0.3

sources: CNVD: CNVD-2017-34919 // BID: 101879 // JVNDB: JVNDB-2017-010149 // CNNVD: CNNVD-201711-659 // NVD: CVE-2017-12350

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-12350
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-12350
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2017-34919
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201711-659
value:	HIGH
Trust: 0.6
VULHUB:	VHN-102864
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-12350
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-34919
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-102864
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-12350
baseSeverity:	HIGH
baseScore:	8.2
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.5
impactScore:	6.0
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2017-34919 // VULHUB: VHN-102864 // JVNDB: JVNDB-2017-010149 // CNNVD: CNNVD-201711-659 // NVD: CVE-2017-12350

PROBLEMTYPE DATA

problemtype:

CWE-798

Trust: 1.9

sources: VULHUB: VHN-102864 // JVNDB: JVNDB-2017-010149 // NVD: CVE-2017-12350

THREAT TYPE

local

Trust: 0.9

sources: BID: 101879 // CNNVD: CNNVD-201711-659

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201711-659

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-010149

PATCH

title:	cisco-sa-20171115-uva	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-uva	Trust: 0.8
title:	Patch for Cisco UmbrellaInsightsVirtualAppliances Local Privilege Escalation Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/106628	Trust: 0.6
title:	Cisco Umbrella Insights Virtual Appliances Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76488	Trust: 0.6

sources: CNVD: CNVD-2017-34919 // JVNDB: JVNDB-2017-010149 // CNNVD: CNNVD-201711-659

EXTERNAL IDS

db:	NVD	id:	CVE-2017-12350	Trust: 3.5
db:	BID	id:	101879	Trust: 2.6
db:	JVNDB	id:	JVNDB-2017-010149	Trust: 0.8
db:	CNNVD	id:	CNNVD-201711-659	Trust: 0.7
db:	CNVD	id:	CNVD-2017-34919	Trust: 0.6
db:	PACKETSTORM	id:	145032	Trust: 0.2
db:	VULHUB	id:	VHN-102864	Trust: 0.1

sources: CNVD: CNVD-2017-34919 // VULHUB: VHN-102864 // BID: 101879 // JVNDB: JVNDB-2017-010149 // PACKETSTORM: 145032 // CNNVD: CNNVD-201711-659 // NVD: CVE-2017-12350

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171115-uva	Trust: 2.7
url:	http://www.securityfocus.com/bid/101879	Trust: 1.7
url:	https://www.info-sec.ca/advisories/cisco-umbrella-hardcoded-credentials.html	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2017-12350	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12350	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	https://umbrella.cisco.com/)	Trust: 0.1
url:	https://www.info-sec.ca/contact.html	Trust: 0.1

sources: CNVD: CNVD-2017-34919 // VULHUB: VHN-102864 // BID: 101879 // JVNDB: JVNDB-2017-010149 // PACKETSTORM: 145032 // CNNVD: CNNVD-201711-659 // NVD: CVE-2017-12350

CREDITS

David Coomber.

Trust: 0.3

sources: BID: 101879

SOURCES

db:	CNVD	id:	CNVD-2017-34919
db:	VULHUB	id:	VHN-102864
db:	BID	id:	101879
db:	JVNDB	id:	JVNDB-2017-010149
db:	PACKETSTORM	id:	145032
db:	CNNVD	id:	CNNVD-201711-659
db:	NVD	id:	CVE-2017-12350

LAST UPDATE DATE

2024-11-23T22:12:48.010000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-34919	date:	2017-11-22T00:00:00
db:	VULHUB	id:	VHN-102864	date:	2019-10-09T00:00:00
db:	BID	id:	101879	date:	2017-12-19T22:00:00
db:	JVNDB	id:	JVNDB-2017-010149	date:	2017-12-06T00:00:00
db:	CNNVD	id:	CNNVD-201711-659	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2017-12350	date:	2024-11-21T03:09:21.610

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-34919	date:	2017-11-22T00:00:00
db:	VULHUB	id:	VHN-102864	date:	2017-11-16T00:00:00
db:	BID	id:	101879	date:	2017-11-15T00:00:00
db:	JVNDB	id:	JVNDB-2017-010149	date:	2017-12-06T00:00:00
db:	PACKETSTORM	id:	145032	date:	2017-11-17T16:23:39
db:	CNNVD	id:	CNNVD-201711-659	date:	2017-11-20T00:00:00
db:	NVD	id:	CVE-2017-12350	date:	2017-11-16T07:29:01.057