#VU17835 Security restrictions bypass in Cisco HyperFlex
Vulnerability identifier: #VU17835
Vulnerability risk: Low
CVSSv3.1: 3.5 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-345
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Cisco HyperFlex
Hardware solutions /
Office equipment, IP-phones, print servers
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a local unauthenticated attacker to bypass security restrictions on the target system.
The vulnerability exists in the Graphite interface due to insufficient authorization controls. A local unauthenticated attacker can connect to the Graphite service and send arbitrary data to bypass security restrictions and write arbitrary data to Graphite, which could result in invalid statistics being presented in the interface.
Mitigation
Update to version 3.5(2a).
Vulnerable software versions
Cisco HyperFlex: 3.0.1a - 3.5.1a
External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-hyper-write
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
