CVE-2017-3817
First published: Fri Apr 07 2017(Updated: )
A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in a UCS domain. More Information: CSCvc32434. Known Affected Releases: 5.5(0.1) 6.0(0.0).
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unified Computing System Director | =5.5.0.1 | |
| Cisco Unified Computing System Director | =6.0.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-3817?
The severity of CVE-2017-3817 is classified as Medium.
How do I fix CVE-2017-3817?
To fix CVE-2017-3817, upgrade Cisco Unified Computing System Director to a patched version, such as 5.5.0.2 or 6.0.1.0.
Who is impacted by CVE-2017-3817?
CVE-2017-3817 impacts organizations using Cisco Unified Computing System Director versions 5.5.0.1 and 6.0.0.0.
What type of attack does CVE-2017-3817 involve?
CVE-2017-3817 involves an authenticated, remote attack that enables unauthorized information access.
What information could be exposed due to CVE-2017-3817?
CVE-2017-3817 could allow an attacker to view unauthorized information about any virtual machine in a UCS domain.
- collector/nvd-index
- vendor/cisco
- canonical/cisco unified computing system director
- version/cisco unified computing system director/5.5.0.1
- version/cisco unified computing system director/6.0.0.0