CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

292 matches found

Cisco•added 2013/10/21 5:57 p.m.•33 views

Cisco Unified Computing System Fabric Interconnect Man-In-The-Middle Vulnerability

A vulnerability in the Fabric Interconnect KVM module of Cisco Unified Computing System could allow an unauthenticated, remote attacker to execute a man-in-the-middle attack. The vulnerability is due to the virtual KVM sending video data unencrypted. An attacker could exploit this vulnerability b...

4.3CVSS2.7AI score0.00848EPSS

Exploits0References1

Cisco•added 2013/10/21 4:24 p.m.•27 views

Cisco Unified Computing System Fabric Interconnect Denial of Service Vulnerability

A vulnerability in the fabric interconnect of Cisco Unified Computing System could allow an authenticated, local attacker to cause a denial of service DoS condition. The vulnerability is due to improper filtering of user-supplied parameters. An attacker could exploit this vulnerability by executi...

4.6CVSS1.8AI score0.00262EPSS

Exploits0References1

Prion•added 2013/10/21 10:50 a.m.•17 views

Code injection

The fabric-interconnect component in Cisco Unified Computing System UCS does not encrypt KVM virtual-media data, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or modify this traffic by inserting packets into the client-server data stream, aka Bug...

5.8CVSS6.4AI score0.00848EPSS

Exploits0References1

NVD•added 2013/10/19 10:36 a.m.•23 views

CVE-2012-4117

The fabric-interconnect component in Cisco Unified Computing System UCS does not properly verify X.509 certificates, which allows man-in-the-middle attackers to watch SSL KVM video-channel traffic or modify this traffic via a crafted certificate, aka Bug ID CSCtr73033...

5.8CVSS6.3AI score0.00527EPSS

Exploits0References1

NVD•added 2013/10/19 10:36 a.m.•25 views

CVE-2012-4112

The Baseboard Management Controller BMC in Cisco Unified Computing System UCS allows local users to gain privileges and execute arbitrary commands via crafted command parameters within the command-line interface, aka Bug ID CSCtr43330...

6.8CVSS7.5AI score0.00328EPSS

Exploits0References1

CVE•added 2013/10/19 10:0 a.m.•58 views

CVE-2012-4112

CVE-2012-4112 affects the Cisco UCS Baseboard Management Controller (BMC). A vulnerability in the BMC’s command-line interface (CLI) allows a locally authenticated attacker to inject arbitrary commands with elevated privileges due to improper filtering of user-supplied parameters. Exploitation re...

6.8CVSS7.7AI score0.00328EPSS

Exploits0References1Affected Software1

Cisco•added 2013/10/18 2:41 p.m.•25 views

Cisco Unified Computing System Fabric Interconnect Information Disclosure Vulnerability

A vulnerability in the Fabric Interconnect of Cisco Unified Computing System could allow an unauthenticated, remote attacker to capture KVM media connection credentials. The vulnerability is due to improperly securing the KVM media traffic between the server and the client. An attacker could...

4.3CVSS2.1AI score0.01119EPSS

Exploits0References1

Cisco•added 2013/10/18 2:39 p.m.•34 views

Cisco Unified Computing System Fabric Interconnect Information Disclosure Vulnerability

A vulnerability in the Fabric Interconnect of Cisco Unified Computing System could allow an unauthenticated, remote attacker to capture or modify KVM virtual media traffic. The vulnerability is due to improperly securing the KVM virtual media traffic between the server and the client. An attacker...

4.3CVSS3.2AI score0.00848EPSS

Exploits0References1

Cisco•added 2013/10/14 8:48 p.m.•28 views

Cisco Unified Computing System Fabric Interconnect Arbitrary File Creation Vulnerability

A vulnerability in the fabric interconnect of the Cisco Unified Computing System could allow an authenticated, local attacker to execute commands with elevated privileges. The vulnerability is due to improper filtering of user-supplied parameters. An attacker could exploit this vulnerability by...

4.6CVSS3.2AI score0.0028EPSS

Exploits0References1

Cisco•added 2013/10/14 8:10 p.m.•26 views

Cisco Unified Computing System Fabric Interconnect Denial of Service Vulnerability

A vulnerability in the fabric interconnect FI of the Cisco Unified Computing System could allow an authenticated, local attacker to create a denial of service DoS condition. The vulnerability is due to improper filtering of user-supplied parameters. An attacker could exploit this vulnerability by...

4.6CVSS2.1AI score0.00309EPSS

Exploits0References1

Cisco•added 2013/10/14 2:58 p.m.•28 views

Cisco Unified Computing System Fabric Interconnect Privilege Escalation Vulnerability

A vulnerability in the fabric interconnect of the Cisco Unified Computing System could allow an authenticated, local attacker to execute scripts with elevated privileges. The vulnerability occurs because all scripts are executed at the same privilege level. An attacker could exploit this...

6.8CVSS3.4AI score0.004EPSS

Exploits0References1

CVE•added 2013/10/13 10:0 a.m.•47 views

CVE-2012-4108

The CVE-2012-4108 entry concerns Cisco Unified Computing System (UCS) fabric interconnect. The vulnerability arises from improper filtering of user-supplied parameters to a file-related command, enabling an authenticated, local attacker to gain privileges and execute arbitrary operating-system co...

6.8CVSS7.5AI score0.00351EPSS

Exploits0References1Affected Software1

OpenVAS•added 2013/10/10 12:0 a.m.•34 views

Cisco UCS Manager Detection (HTTP)

HTTP based detection of Cisco UCS Manager. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

Exploits0References1

OpenVAS•added 2013/10/10 12:0 a.m.•28 views

Cisco Unified Computing System Multiple Vulnerabilities (cisco-sa-20130424-ucsmulti)

Cisco Unified Computing System is prone to multiple vulnerabilities SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS6.8AI score0.03596EPSS

Exploits0References1

Cisco•added 2013/10/09 4:4 p.m.•29 views

Cisco Unified Computing System Fabric Interconnect Cross-Site Request Forgery Vulnerability

A vulnerability in the fabric interconnect FI web management interface of the Cisco Unified Computing System could allow an unauthenticated, remote attacker to conduct cross-site request forgery CSRF attacks. The vulnerability occurs because the web interface relies on cookies to authenticate...

4.3CVSS3.4AI score0.00817EPSS

Exploits0References1

Cvelist•added 2013/10/05 10:0 a.m.•21 views

CVE-2012-4084

Cross-site request forgery CSRF vulnerability in the web-management interface in the fabric interconnect FI component in Cisco Unified Computing System UCS allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCtg20755...

7.2AI score0.00817EPSS

Exploits0References5

Cisco•added 2013/10/03 12:40 p.m.•26 views

Cisco Unified Computing System Fabric Interconnect create certreq Command Injection Vulnerability

A vulnerability in the create certreq command of the Cisco Unified Computing System fabric interconnect could allow an authenticated, local attacker to execute commands and obtain an interactive Linux shell as the root user. The vulnerability is due to a failure to properly sanitize user input. A...

6.8CVSS3AI score0.00346EPSS

Exploits0References1

Prion•added 2013/10/03 11:3 a.m.•12 views

Authentication flaw

The high-availability service in the Fabric Interconnect component in Cisco Unified Computing System UCS does not properly bind the cluster service to the management interface, which allows remote attackers to obtain sensitive information or cause a denial of service peer-syncing outage via a...

6.8CVSS7.2AI score0.0116EPSS

Exploits0References2

NVD•added 2013/10/02 10:55 p.m.•19 views

CVE-2012-4110

run-script in the fabric-interconnect component in Cisco Unified Computing System UCS allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86560...

6.8CVSS6.8AI score0.00346EPSS

Exploits0References1

Prion•added 2013/10/02 10:55 p.m.•12 views

Command injection

The create certreq command in the fabric-interconnect component in Cisco Unified Computing System UCS allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86563...

6.8CVSS7.4AI score0.00346EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by