CVE-2026-20099

A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This vulnerability is...

EUVD-2026-8670

A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of...

CVE-2026-20091

A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of...

CVE-2026-20091

CVE-2026-20091 affects Cisco FXOS Software and Cisco UCS Manager Software via the web-based management interface. The issue is a stored cross-site scripting flaw caused by insufficient input validation in the interface, allowing an authenticated attacker with Administrator/AAA Administrator crede...

Cisco UCS Manager Software 安全漏洞

Cisco UCS Manager Software is a device management software developed by the American company Cisco. There is a security vulnerability in Cisco UCS Manager Software. This vulnerability stems from the unnecessary permissions assigned at the NX-OS CLI permission level, which may allow attackers with...

CVE-2023-20016 Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability

A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup...

CVE-2020-3504 Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability

A vulnerability in the local management local-mgmt CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit th...

Input validation

A vulnerability in the local management local-mgmt CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system OS of an affected device. The vulnerability is due to insufficient input...

CVE-2020-3171

The CVE-2020-3171 entry covers Cisco FXOS and Cisco UCS Manager Software Local Management CLI Command Injection caused by insufficient input validation in the local-mgmt CLI. An authenticated, local attacker can run arbitrary commands on the device’s underlying OS; on most platforms this occurs w...

CVE-2020-3173 Cisco UCS Manager Software Local Management CLI Command Injection Vulnerability

A vulnerability in the local management local-mgmt CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system OS on an affected device. The vulnerability is due to insufficient input validation of command...

PT-2020-1992 · Cisco · Cisco Fxos +3

Name of the Vulnerable Software and Affected Versions: Cisco FXOS Software versions affected versions not specified Cisco UCS Manager Software versions affected versions not specified Description: The issue is related to insufficient input validation in the command-line interface of Cisco FXOS...