9 matches found
The vulnerability in the web interface for managing physical infrastructure and Cisco UCS Director’s virtual environments allows attackers to execute cross-site scripting attacks.
The vulnerability of the Web interface for managing physical infrastructure and Cisco UCS Director virtual environments is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of Cisco UCS Director, a device for managing physical infrastructure and virtual environments, allows a attacker to rerecord any files in the file system of the vulnerable device.
The vulnerability of Cisco UCS Director regarding physical infrastructure and virtual environments exists due to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability allows a malicious actor to re-record any files in the file system of the...
CVE-2020-3242
A vulnerability in the REST API of Cisco UCS Director could allow an authenticated, remote attacker with administrative privileges to obtain confidential information from an affected device. The vulnerability exists because confidential information is returned as part of an API response. An...
The vulnerability of the REST API interface for controlling physical infrastructure and virtual environments in Cisco UCS Director and Cisco UCS Director Express for Big Data allows attackers to enhance their privileges.
The vulnerability of the REST API interface used for controlling physical infrastructure and virtual environments in Cisco UCS Director and Cisco UCS Director Express for Big Data is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to enhance...
Cisco UCS Director and Cisco UCS Director Express for Big Data Path Traversal Vulnerability (CNVD-2020-31979)
Cisco UCS Director and Cisco UCS Director Express for Big Data are both products from Cisco, Inc. Cisco UCS Director is a heterogeneous platform for private cloud Infrastructure as a Service IaaS. Cisco UCS Director is a heterogeneous platform for private cloud infrastructure-as-a-service IaaS. A...
CVE-2020-3247
Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section o...
CVE-2020-3250
Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section o...
Cisco Industrial Network Director Encryption Issue Vulnerability
Cisco Industrial Network Director IND is an industrial automation management system from Cisco. The system achieves automation management by visualizing the industrial Ethernet infrastructure. A cryptographic issue vulnerability exists in the Web Services Management Agent WSMA feature in Cisco IN...
Cisco Industrial Network Director Cross-Site Request Forgery Vulnerability (CNVD-2019-16842)
Cisco Industrial Network Director IND is designed to help operations teams gain a comprehensive understanding of the automated network to improve system availability and increase overall equipment effectiveness OEE. A cross-site request forgery CSRF vulnerability exists in the web-based managemen...