A vulnerability was found in Cisco HyperFlex Software (affected version unknown). It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Installation. The manipulation with an unknown input leads to a information disclosure vulnerability. The CWE definition for the vulnerability is CWE-200. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. As an impact it is known to affect confidentiality. The summary by CVE is:

A vulnerability in the installation process of Cisco HyperFlex Software could allow an authenticated, local attacker to read sensitive information. The vulnerability is due to insufficient cleanup of installation files. An attacker could exploit this vulnerability by accessing the residual installation files on an affected system. A successful exploit could allow the attacker to collect sensitive information regarding the configuration of the system.

The bug was discovered 10/03/2018. The weakness was shared 10/05/2018 as cisco-sa-20181003-hyperflex-in as confirmed advisory (Website). The advisory is shared at tools.cisco.com. This vulnerability is known as CVE-2018-15407 since 08/17/2018. An attack has to be approached locally. The successful exploitation needs a single authentication. Neither technical details nor an exploit are publicly available. MITRE ATT&CK project uses the attack technique T1592 for this issue.

The vulnerability was handled as a non-public zero-day exploit for at least 2 days. During that time the estimated underground price was around $0-$5k.

Upgrading eliminates this vulnerability.

The entries VDB-246584, VDB-247572, VDB-249395 and VDB-250972 are related to this item.

Productinfo

Vendor

• Cisco

Name

• HyperFlex Software

License

• commercial

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion