{ "action": { "auto_issue_creation_allowed": false, "auto_patch_allowed": false, "auto_remediation_allowed": false, "external_execution_allowed": false, "human_review": { "required_for_external_action": true, "required_for_public_launch": false, "required_for_read_only_view": false, "required_for_signal_radar_integration": true }, "human_review_required": false, "recommended_action": "review_official_sources" }, "affected": { "products": [ { "canonicalProduct": "umbrella_virtual_appliance", "canonicalVendor": "cisco", "cpe": "cpe:2.3:a:cisco:umbrella_virtual_appliance:*:*:*:*:*:*:*:*", "ecosystem": null, "packageName": null, "product": "umbrella_virtual_appliance", "purl": null, "vendor": "cisco", "version": null } ], "source": "NVD CVE API 2.0", "status": "known" }, "canonical_url": "https://vuln.signal-radar.com/vuln/public-candidate/CVE-2017-12350/", "claims": [ { "id": "claim:defensive-priority-candidate", "source_ids": [], "status": "observed", "text": "This item is a defensive prioritization candidate.", "verified_at": null } ], "exposure_hint": "local exposure", "field_meanings": { "human_review": "Read-only display may be automated; integration and external action still require human review.", "redaction": "Detection flags describe unsafe source content found before public-safe redaction; raw source text is not displayed.", "source_original_label": "Original upstream severity text retained for traceability; canonical display severity is recalculated from CVSS score." }, "forecast_hooks": { "agent_use": "summarize_with_citations_only", "automation_allowed": false, "read_only": true, "watch_fields": [ "sources", "claims", "freshness", "severity", "affected" ] }, "freshness": { "generated_at": "2026-06-24T06:59:13.651804+00:00", "last_checked_at": null, "observed_at": "2026-06-24T06:58:56.748686+00:00", "status": "observed" }, "human_consequence": "A local user may gain root or administrative-level privileges on affected systems.", "human_impact_label": "admin privilege risk · local exposure", "human_review": { "required_for_external_action": true, "required_for_public_launch": false, "required_for_read_only_view": false, "required_for_signal_radar_integration": true }, "human_risk_summary": "CVE-2017-12350 for cisco / umbrella_virtual_appliance: A local user may gain root or administrative-level privileges on affected systems.", "id": "CVE-2017-12350", "impact_redaction": { "exploit_steps_removed": false, "payload_removed": false, "poc_removed": false, "source_derived_summary": true, "used_fallback_summary": false }, "impact_tags": [ "admin privilege risk", "local exposure relevant" ], "public_human_impact": "Source describes admin privilege risk · local exposure. Possible impact: A local user may gain root or administrative-level privileges on affected systems.", "public_human_summary": "NVD: A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. NVD: The vulnerability is due to the presence of default, static user credentials for an affected virtual appliance. NVD: An attacker could exploit this vulnerability by using the hypervisor console to connect locally to an affected system and then using the static credentials to log in to an affected virtual appliance.", "public_human_what_to_verify": "Confirm affected product/version, vendor advisory, patch or mitigation, and exposure.", "public_human_why_it_matters": "Source describes admin privilege risk · local exposure. Possible impact: A local user may gain root or administrative-level privileges on affected systems.; CVSS 8.2 (HIGH); EPSS percentile 27; not listed in KEV; Remediation reference present; patch status requires confirmation in the linked advisory; sources: NVD, Vendor Advisory.", "public_safe_summary": "NVD: A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. NVD: The vulnerability is due to the presence of default, static user credentials for an affected virtual appliance. NVD: An attacker could exploit this vulnerability by using the hypervisor console to connect locally to an affected system and then using the static credentials to log in to an affected virtual appliance.", "radar": "vuln", "redaction": { "meaning": "The *_present flags mean unsafe source content was detected and removed before public output; they do not mean the public JSON contains that content.", "payload_present": false, "poc_present": false, "public_summary_redacted": true, "raw_source_displayed": false, "unsafe_procedural_detail_present": false }, "redaction_notes": [ "source-published defensive context retained", "vulnerability class, impact, affected context, and remediation references remain displayable" ], "safety": { "attack_chain_included": false, "auto_remediation_allowed": false, "exploit_instructions_included": false, "external_execution_allowed": false, "human_review": { "required_for_external_action": true, "required_for_public_launch": false, "required_for_read_only_view": false, "required_for_signal_radar_integration": true }, "human_review_required": false, "noindex_removal_allowed": true, "noindex_required": false, "private_gate_state": "released", "public_gate_state": "public_indexable_read_only", "public_launch_allowed": true, "read_only_static_data": true, "scan_functionality_included": false, "signal_radar_integration_allowed": false }, "schema_version": "v0.1", "severity": { "cvss_label": "HIGH", "label": "HIGH", "score": 8.2, "source": "NVD CVE API 2.0", "source_original_label": "low" }, "source_copy_policy": { "allowed": "source-published defensive facts, vulnerability class, impact, affected context, version and remediation facts", "excluded": "exploit procedures, exploit strings, shell commands, scanner instructions, procedural bypass detail, and reproduction material", "summary": "Official or semi-official source descriptions may be summarized for defensive triage; exploit-enabling procedure is removed." }, "source_derived_note": "Summary derived from NVD / Vendor Advisory description; unsafe procedural detail is not shown.", "source_published_affected": "vendor/product: cisco / umbrella_virtual_appliance", "source_published_description": "NVD: A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. NVD: The vulnerability is due to the presence of default, static user credentials for an affected virtual appliance. NVD: An attacker could exploit this vulnerability by using the hypervisor console to connect locally to an affected system and then using the static credentials to log in to an affected virtual appliance.", "source_published_evidence_refs": [ { "source": "NVD", "type": "source_description", "url": null }, { "source": "Vendor Advisory", "type": "source_description", "url": null }, { "source": "Reference", "type": "reference", "url": "http://www.securityfocus.com/bid/101879" }, { "source": "Vendor Advisory", "type": "reference", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-uva" }, { "source": "Reference", "type": "reference", "url": "https://www.info-sec.ca/advisories/Cisco-Umbrella-Hardcoded-Credentials.html" }, { "source": "Reference", "type": "reference", "url": "http://www.securityfocus.com/bid/101879" }, { "source": "Vendor Advisory", "type": "reference", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-uva" }, { "source": "Reference", "type": "reference", "url": "https://www.info-sec.ca/advisories/Cisco-Umbrella-Hardcoded-Credentials.html" }, { "source": "Official Reference", "type": "reference", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12350" } ], "source_published_impact": "Source describes admin privilege risk · local exposure. Possible impact: A local user may gain root or administrative-level privileges on affected systems.", "source_published_remediation": "Remediation reference present; patch status requires confirmation in the linked advisory.", "source_published_summary": "NVD: A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. NVD: The vulnerability is due to the presence of default, static user credentials for an affected virtual appliance. NVD: An attacker could exploit this vulnerability by using the hypervisor console to connect locally to an affected system and then using the static credentials to log in to an affected virtual appliance.", "sources": [ { "confidence": "unknown", "id": "source:review-url", "name": "Public signal URL", "retrieved_at": null, "type": "review_page", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12350" } ], "summary_for_agents": "Read-only defensive signal. Use sources, claims, freshness, and safety gates before summarizing. Do not infer missing source, claim, or freshness values.", "summary_for_humans": "NVD: A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. NVD: The vulnerability is due to the presence of default, static user credentials for an affected virtual appliance. NVD: An attacker could exploit this vulnerability by using the hypervisor console to connect locally to an affected system and then using the static credentials to log in to an affected virtual appliance.", "title": "CVE-2017-12350 defensive priority signal", "urgency_reasons": [ "CVSS HIGH", "affected product present", "vendor advisory present", "recent update", "remediation reference present" ], "what_to_verify": "Confirm affected product/version, vendor advisory, patch or mitigation, and exposure.", "why_it_matters": "A local user may gain root or administrative-level privileges on affected systems; CVSS 8.2 (HIGH); EPSS percentile 27; affected product context: cisco / umbrella_virtual_appliance; sources: NVD, Vendor Advisory." }