CVE-2017-12315

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative user to conduct this attack. The vulnerability is due to lack of proper masking of sensitive information in system log files. An attacker could exploit this vulnerability by authenticating to the targeted device and viewing the system log file. An exploit could allow the attacker to view sensitive system information that should have been restricted. The attacker could use this information to conduct additional reconnaissance attacks. Cisco Bug IDs: CSCvg31472.

CVSS v3 6.0 MEDIUM
CVSS v2.0 2.1 LOW

6.0^/10

CVSS v3 : MEDIUM

Vector : AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Exploitability : 1.5 / Impact : 4.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.securityfocus.com/bid/101864	Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-hyperflex	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:cisco:hyperflex_hx_data_platform:2.6\(1a\):*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-11-16 07:29

Updated : 2024-02-28 16:04

NVD link : CVE-2017-12315

Mitre link : CVE-2017-12315

CVE.ORG link : CVE-2017-12315

JSON object : View

Products Affected

cisco

hyperflex_hx_data_platform

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2017-12315", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 6.0, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 1.5}]}, "published": "2017-11-16T07:29:00.743", "references": [{"url": "http://www.securityfocus.com/bid/101864", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-hyperflex", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative user to conduct this attack. The vulnerability is due to lack of proper masking of sensitive information in system log files. An attacker could exploit this vulnerability by authenticating to the targeted device and viewing the system log file. An exploit could allow the attacker to view sensitive system information that should have been restricted. The attacker could use this information to conduct additional reconnaissance attacks. Cisco Bug IDs: CSCvg31472."}, {"lang": "es", "value": "Una vulnerabilidad en el inicio de sesi\u00f3n del sistema cuando se est\u00e1 configurando la replicaci\u00f3n en Cisco HyperFlex System podr\u00eda permitir que un atacante local autenticado vea informaci\u00f3n sensible que deber\u00eda estar restringida en los archivos de registro del sistema. El atacante tendr\u00eda que estar autenticado como usuario administrativo para llevar a cabo este ataque. La vulnerabilidad se debe a la falta de enmascaramiento de informaci\u00f3n sensible en archivos de registro del sistema. Un atacante podr\u00eda explotar esta vulnerabilidad autentic\u00e1ndose en el dispositivo objetivo y viendo el archivo de registro del sistema. Un exploit podr\u00eda permitir que el atacante vea informaci\u00f3n sensible del sistema que deber\u00eda estar restringida. El atacante podr\u00eda utilizar esta informaci\u00f3n para llevar a cabo ataques de reconocimiento adicionales. Cisco Bug IDs: CSCvg31472."}], "lastModified": "2019-10-09T23:22:56.183", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:hyperflex_hx_data_platform:2.6\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D56AD98-9D0D-4ECA-8766-4F19A33F954D"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}