Lucene search
CiscoCVE-2013-1182HistoryApr 25, 2013 - 10:55 a.m.
CVE-2013-1182
2013-04-2510:55:01
CWE-264
cisco
web.nvd.nist.gov
29
cisco
unified computing system
ucs
ldap
authentication
remote attack
cve-2013-1182
nvd
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.9
Confidence
Low
EPSS
0.003
Percentile
71.9%
The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207.
Affected configurations
Node
ciscounified_computing_system_infrastructure_and_unified_computing_system_softwareRange≤1.0
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.1
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1c\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1m\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1n\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1o\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1p\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1q\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1t\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1w\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1y\)
ciscounified_computing_system_6120xp_fabric_interconnectMatch-
ORciscounified_computing_system_6140xp_fabric_interconnectMatch-
ORciscounified_computing_system_6248up_fabric_interconnectMatch-
ORciscounified_computing_system_6296up_fabric_interconnectMatch-
ORciscounified_computing_system_integrated_management_controllerMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | * | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:*:*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.1 | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.1:*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.3(1c) | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\(1c\):*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.3(1m) | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\(1m\):*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.3(1n) | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\(1n\):*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.3(1o) | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\(1o\):*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.3(1p) | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\(1p\):*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.3(1q) | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\(1q\):*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.3(1t) | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\(1t\):*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.3(1w) | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\(1w\):*:*:*:*:*:*:* |
Related
prion
prion
Authentication flaw
2013-04-25 10:55:00
nvd
nvd
CVE-2013-1182
2013-04-25 10:55:01
cvelist
cvelist
CVE-2013-1182
2013-04-25 10:00:00
nessus
nessus
securityvulns
securityvulns
Cisco Unified Computing System multiple security vulnerabilities
2013-05-06 00:00:00
cisco
cisco
Multiple Vulnerabilities in Cisco Unified Computing System
2013-04-24 16:00:00
openvas
openvas
Cisco Unified Computing System Multiple Vulnerabilities
2013-10-10 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.9
Confidence
Low
EPSS
0.003
Percentile
71.9%
Related for CVE-2013-1182