CVE-2024-20279

{"id": "CVE-2024-20279", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2024-08-28T17:15:06.113", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-cousmo-uBpBYGbq", "source": "ykramarz@cisco.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to modify the behavior of default system policies, such as quality of service (QoS) policies, on an affected system. This vulnerability is due to improper access control when restricted security domains are used to implement multi-tenancy. An attacker with a valid user account associated with a restricted security domain could exploit this vulnerability. A successful exploit could allow the attacker to read, modify, or delete child policies created under default system policies, which are implicitly used by all tenants in the fabric, resulting in disruption of network traffic. Exploitation is not possible for policies under tenants that an attacker has no authorization to access."}, {"lang": "es", "value": "Una vulnerabilidad en la implementaci\u00f3n del dominio de seguridad restringido de Cisco Application Policy Infrastructure Controller (APIC) podr\u00eda permitir que un atacante remoto autenticado modifique el comportamiento de las pol\u00edticas predeterminadas del sistema, como las pol\u00edticas de calidad de servicio (QoS), en un sistema afectado. Esta vulnerabilidad se debe a un control de acceso inadecuado cuando se utilizan dominios de seguridad restringidos para implementar la multi-tenencia. Un atacante con una cuenta de usuario v\u00e1lida asociada con un dominio de seguridad restringido podr\u00eda aprovechar esta vulnerabilidad. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante leer, modificar o eliminar pol\u00edticas secundarias creadas bajo pol\u00edticas predeterminadas del sistema, que son utilizadas impl\u00edcitamente por todos los inquilinos en la estructura, lo que provoca la interrupci\u00f3n del tr\u00e1fico de la red. La explotaci\u00f3n no es posible para las pol\u00edticas bajo inquilinos a los que un atacante no tiene autorizaci\u00f3n para acceder."}], "lastModified": "2024-08-29T13:25:27.537", "sourceIdentifier": "ykramarz@cisco.com"}