1. Home
  2. Mapping Frameworks
  3. CVE Home
  4. Cisco UCS Director

CVE CVE-2020-3240 Mappings

Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2020-3240 Cisco UCS Director primary_impact T1005 Data from Local System
CVE-2020-3240 Cisco UCS Director primary_impact T1505.003 Web Shell
CVE-2020-3240 Cisco UCS Director secondary_impact T1003.008 /etc/passwd and /etc/shadow
CVE-2020-3240 Cisco UCS Director secondary_impact T1552.001 Credentials In Files
CVE-2020-3240 Cisco UCS Director secondary_impact T1059 Command and Scripting Interpreter
CVE-2020-3240 Cisco UCS Director exploitation_technique T1133 External Remote Services