Lucene search

[email protected]CVE-2012-4084

HistoryOct 05, 2013 - 10:55 a.m.

CVE-2012-4084

2013-10-0510:55:00

CWE-352

[email protected]

web.nvd.nist.gov

cve-2012-4084

csrf

web-management interface

cisco ucs

fabric interconnect

vulnerability

nvd

bug id csctg20755

7.4 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

64.4%

JSON

Cross-site request forgery (CSRF) vulnerability in the web-management interface in the fabric interconnect (FI) component in Cisco Unified Computing System (UCS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCtg20755.

CPENameOperatorVersion
cisco:unified_computing_systemcisco unified computing systemeq-

CPE	Name	Operator	Version
cisco:unified_computing_system	cisco unified computing system	eq	-

References

osvdb.org/98125

secunia.com/advisories/55203

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4084

www.securityfocus.com/bid/62851

exchange.xforce.ibmcloud.com/vulnerabilities/87679

7.4 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

64.4%

JSON

Related for CVE-2012-4084

prion1 cvelist1 cisco1