CVE-2020-3247 Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data

🗓️ 15 Apr 2020 20:10:43Reported by ciscoType

Vulnerabilities in Cisco UCS Director

Reporter	Title	Published	Views	Family All 12
BDU FSTEC	The vulnerability of the REST API interface for controlling physical infrastructure and virtual environments in Cisco UCS Director and Cisco UCS Director Express for Big Data allows attackers to enhance their privileges.	29 May 202000:00	–	bdu_fstec
Circl	CVE-2020-3247	21 Oct 202417:14	–	circl
Cisco	Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data	15 Apr 202016:00	–	cisco
Tenable Nessus	Cisco UCS Director and Cisco UCS Director Express for Big Data Multiple Vuulnerabilities (cisco-sa-ucsd-mult-vulns-UNfpdW4E)	21 Apr 202000:00	–	nessus
CNVD	Cisco UCS Director and Cisco UCS Director Express for Big Data Path Traversal Vulnerability (CNVD-2020-25348)	16 Apr 202000:00	–	cnvd
Check Point Advisories	Cisco UCS Director RestAPI Remote Code Execution (CVE-2020-3247)	6 Aug 202000:00	–	checkpoint_advisories
CVE	CVE-2020-3247	15 Apr 202020:10	–	cve
NVD	CVE-2020-3247	15 Apr 202021:15	–	nvd
Prion	Directory traversal	15 Apr 202021:15	–	prion
ThreatPost	Cisco IP Phone Harbors Critical RCE Flaw	16 Apr 202018:49	–	threatpost

[
  {
    "product": "Cisco UCS Director",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

Source	Link
tools	www.tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-20-541/

16 Apr 2020 18:06Current

9.8High risk

Vulners AI Score9.8

CVSS 39.8

EPSS0.46067

CWE-20