Lucene search
K

9 matches found

BDU FSTEC
BDU FSTEC
added 2020/10/14 12:0 a.m.2 views

The vulnerability in the web interface for managing physical infrastructure and Cisco UCS Director’s virtual environments allows attackers to execute cross-site scripting attacks.

The vulnerability of the Web interface for managing physical infrastructure and Cisco UCS Director virtual environments is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.3AI score0.00617EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/03 12:0 a.m.4 views

The vulnerability of Cisco UCS Director, a device for managing physical infrastructure and virtual environments, allows a attacker to rerecord any files in the file system of the vulnerable device.

The vulnerability of Cisco UCS Director regarding physical infrastructure and virtual environments exists due to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability allows a malicious actor to re-record any files in the file system of the...

8.5CVSS6.5AI score0.01982EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/06/18 3:15 a.m.3 views

CVE-2020-3242

A vulnerability in the REST API of Cisco UCS Director could allow an authenticated, remote attacker with administrative privileges to obtain confidential information from an affected device. The vulnerability exists because confidential information is returned as part of an API response. An...

4.9CVSS5.8AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/05/29 12:0 a.m.5 views

The vulnerability of the REST API interface for controlling physical infrastructure and virtual environments in Cisco UCS Director and Cisco UCS Director Express for Big Data allows attackers to enhance their privileges.

The vulnerability of the REST API interface used for controlling physical infrastructure and virtual environments in Cisco UCS Director and Cisco UCS Director Express for Big Data is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to enhance...

10CVSS7.7AI score0.75072EPSS
Exploits0References2Affected Software2
CNVD
CNVD
added 2020/04/20 12:0 a.m.3 views

Cisco UCS Director and Cisco UCS Director Express for Big Data Path Traversal Vulnerability (CNVD-2020-31979)

Cisco UCS Director and Cisco UCS Director Express for Big Data are both products from Cisco, Inc. Cisco UCS Director is a heterogeneous platform for private cloud Infrastructure as a Service IaaS. Cisco UCS Director is a heterogeneous platform for private cloud infrastructure-as-a-service IaaS. A...

9.8CVSS6.9AI score0.60158EPSS
Exploits4References1
OSV
OSV
added 2020/04/15 9:15 p.m.3 views

CVE-2020-3247

Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section o...

9.8CVSS7.3AI score0.75072EPSS
Exploits0References2
OSV
OSV
added 2020/04/15 9:15 p.m.1 views

CVE-2020-3250

Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section o...

9.8CVSS7.3AI score0.60158EPSS
Exploits4References3
CNVD
CNVD
added 2019/07/19 12:0 a.m.4 views

Cisco Industrial Network Director Encryption Issue Vulnerability

Cisco Industrial Network Director IND is an industrial automation management system from Cisco. The system achieves automation management by visualizing the industrial Ethernet infrastructure. A cryptographic issue vulnerability exists in the Web Services Management Agent WSMA feature in Cisco IN...

5.9CVSS6.7AI score0.00977EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/06 12:0 a.m.2 views

Cisco Industrial Network Director Cross-Site Request Forgery Vulnerability (CNVD-2019-16842)

Cisco Industrial Network Director IND is designed to help operations teams gain a comprehensive understanding of the automated network to improve system availability and increase overall equipment effectiveness OEE. A cross-site request forgery CSRF vulnerability exists in the web-based managemen...

8.8CVSS7AI score0.01287EPSS
Exploits1References1
Rows per page
Query Builder