CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

51 matches found

BDU FSTEC•added 2020/05/29 12:0 a.m.•1 views

The vulnerability of the REST API interface for controlling physical infrastructure and virtual environments in Cisco UCS Director and Cisco UCS Director Express for Big Data allows a attacker to execute arbitrary code.

The vulnerability of the REST API interface for controlling physical infrastructure and virtual environments of Cisco UCS Director and Cisco UCS Director Express for Big Data is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute...

9.8CVSS0.30726EPSS

Exploits1References2Affected Software2

BDU FSTEC•added 2020/05/29 12:0 a.m.•1 views

The vulnerability of the REST API interface used for controlling physical infrastructure and virtual environments in Cisco UCS Director and Cisco UCS Director Express for Big Data is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execut...

9.8CVSS0.38933EPSS

Exploits0References2Affected Software2

BDU FSTEC•added 2020/05/29 12:0 a.m.•1 views

The vulnerability of the REST API interface for managing physical infrastructure and virtual environments in Cisco UCS Director and Cisco UCS Director Express for Big Data allows a attacker to trigger a service failure.

The vulnerability of the REST API interface for managing physical infrastructure and virtual environments in Cisco UCS Director and Cisco UCS Director Express for Big Data is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to trigger...

9.8CVSS0.26235EPSS

Exploits0References2Affected Software2

OSV•added 2020/05/06 5:15 p.m.•2 views

CVE-2020-3329

A vulnerability in role-based access control of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow a read-only authenticated, remote attacker to disable user accounts on an affected system. The vulnerability is due to...

4.3CVSS5.9AI score

Exploits0References1

Prion•added 2020/05/06 5:15 p.m.•16 views

Design/Logic Flaw

4CVSS4.9AI score0.00139EPSS

Exploits0References1Affected Software3

Vulnrichment•added 2020/05/06 4:40 p.m.•7 views

CVE-2020-3329 Cisco IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Role-Based Access Control Vulnerability

4.3CVSS7.1AI score0.00139EPSS

Exploits0References1

Cvelist•added 2020/05/06 4:40 p.m.•14 views

CVE-2020-3329 Cisco IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Role-Based Access Control Vulnerability

4.3CVSS4.8AI score0.00139EPSS

Exploits0References1

Cisco•added 2020/05/06 4:0 p.m.•27 views

Cisco IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Role-Based Access Control Vulnerability

4.3CVSS4.8AI score0.00139EPSS

Exploits0References1

CNVD•added 2020/04/20 12:0 a.m.•2 views

Cisco UCS Director and Cisco UCS Director Express for Big Data Path Traversal Vulnerability (CNVD-2020-31979)

Cisco UCS Director and Cisco UCS Director Express for Big Data are both products from Cisco, Inc. Cisco UCS Director is a heterogeneous platform for private cloud Infrastructure as a Service IaaS. Cisco UCS Director is a heterogeneous platform for private cloud infrastructure-as-a-service IaaS. A...

9.8CVSS6.9AI score0.89688EPSS

Exploits4References1

CNVD•added 2020/04/16 12:0 a.m.•3 views

Cisco UCS Director and Cisco UCS Director Express for Big Data Path Traversal Vulnerability (CNVD-2020-25345)

9.8CVSS7.4AI score0.38705EPSS

Exploits0References1

CNVD•added 2020/04/16 12:0 a.m.•1 views

Cisco UCS Director and Cisco UCS Director Express for Big Data Path Traversal Vulnerability (CNVD-2020-25348)

10CVSS7.2AI score0.46067EPSS

Exploits0References1

OSV•added 2020/04/15 9:15 p.m.•0 views

CVE-2020-3251

Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section o...

8.8CVSS5.9AI score

Exploits0References1

OSV•added 2020/04/15 9:15 p.m.•2 views

CVE-2020-3239

8.8CVSS7.3AI score0.38705EPSS

Exploits0References2

OSV•added 2020/04/15 9:15 p.m.•1 views

CVE-2020-3240

7.3CVSS7.2AI score0.38933EPSS

Exploits0References2

OSV•added 2020/04/15 9:15 p.m.•0 views

CVE-2020-3250