292 matches found
CVE-2012-4108
The fabric-interconnect component in Cisco Unified Computing System UCS allows local users to gain privileges and execute arbitrary operating-system commands via crafted parameters to a file-related command, aka Bug ID CSCtq86554...
CVE-2012-4104
Absolute path traversal vulnerability in the image-download process in the fabric-interconnect component in Cisco Unified Computing System UCS allows local users to overwrite or delete arbitrary files via a full pathname in an image header, aka Bug ID CSCtq02706...
CVE-2012-4102
The activate firmware command in the fabric-interconnect component in Cisco Unified Computing System UCS allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq02600...
CVE-2013-5550
The fabric-interconnect component in Cisco Unified Computing System UCS allows local users to cause a denial of service via crafted command parameters that trigger hardware-component write operations, aka Bug ID CSCtq86549...
The vulnerability of the application software interface of the Cisco Unified Computing System’s servers—Cisco UCS B-Series, Managed C-Series, and X-Series—is related to the failure to implement measures to neutralize specific elements. This allows attackers to execute arbitrary code and elevate their privileges to the root level.
The vulnerability of the application software interface of the Cisco Unified Computing System’s servers—Cisco UCS B-Series, Managed C-Series, and X-Series—is related to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute...
Cisco UCS B-Series Blade Servers、Cisco UCS Managed C-Series Rack Servers和Cisco UCS X-Series Modular System 安全漏洞
Cisco UCS B-Series Blade Servers and others are products of Cisco, Inc.The Cisco UCS B-Series Blade Servers are a UCS B-Series blade server appliance.The Cisco UCS Managed C-Series Rack Servers are a standard form factor server designed to fit in a rack to save space in the data center.The Cisco...
Cisco Integrated Management Controller Command Injection Vulnerability
Cisco Integrated Management Controller is the United States Cisco Cisco company's set of software for the management of UCS Unified Computing System. A command injection vulnerability exists in Cisco Integrated Management Controller. The vulnerability allows an authenticated attacker to perform a...
Cisco Multiple Vulnerabilities in NX-OS-Based Products (CVE-2014-3261)
Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.41i, NX-OS 5.0 before 5.03U22 on Nexus 3000 devices, NX-OS 4.1 before 4.12E11l on Nexus 4000 devices, NX-OS 5.x before 5.13N11 on Nexus 5000 devices, NX-OS 5...
Cisco Multiple Vulnerabilities in NX-OS-Based Products (CVE-2013-1181)
Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.03N22, Nexus 3000 devices 5.x before 5.03U32, and Unified Computing System UCS 6200 devices before 2.01w allows remote attackers to cause a denial of service device reload by sending a jumbo packet to the management interface, aka Bug IDs...
The vulnerability in the web interface of Cisco NX-OS and FXOS router devices from Cisco UCS Fabric Interconnect allows a attacker to trigger a service failure.
The vulnerability of the web interface of Cisco NX-OS and FXOS router devices from Cisco UCS Fabric Connect is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to trigger a service failure by sending a specially crafted HTTP request...
The vulnerability of the command-line interface (CLI) of the Cisco Unified Computing System Manager and Cisco FXOS/NX-OS operating systems for Firepower 4100 Series, Firepower 9300 Security Appliances, UCS 6200, UCS 6300, UCS 6400, and UCS 6500 routers allows a malicious actor to execute arbitrary commands.
The vulnerability of the command-line interface CLI of the Cisco Unified Computing System Manager and Cisco FXOS/NX-OS operating systems for Firepower 4100 Series, Firepower 9300 Security Appliances, UCS 6200, UCS 6300, UCS 6400, and UCS 6500 routers is related to the lack of measures taken to...
The vulnerability of the backup function of the Cisco Unified Computing System (UCS) Manager and the export function of the Cisco FXOS routers Firepower 4100 Series, Firepower 9300 Security Appliances, UCS 6200, UCS 6300, UCS 6400, and UCS 6500 allows a intruder to gain unauthorized access to protected information.
The vulnerability of the backup function of the Cisco Unified Computing System UCS Manager and the export function of the Cisco FXOS routers Firepower 4100 Series, Firepower 9300 Security Appliances, UCS 6200, UCS 6300, UCS 6400, and UCS 6500 is related to the use of a hard-coded cryptographic ke...
Cisco UCS Fabric Interconnects Command Injection (cisco-sa-nxfp-cmdinj-XXBZjtR)
According to its self-reported version, Cisco Unified Computing System UCS Fabric Interconnect is affected by a command injection vulnerability. Due to insufficient input validation of commands supplied by the user, an authenticated attacker can execute unauthorized commands within the CLI. On...
Cisco Firepower 4100 Series和Cisco Firepower 9300 Security Appliance 操作系统命令注入漏洞
Cisco Firepower 4100 Series and Cisco Firepower 9300 Security Appliance are both products of Cisco Corporation.Cisco Firepower 4100 Series is a 4100 series firewall appliance.Cisco Firepower 9300 Security Appliance is a 9300 series security appliance. Cisco Firepower 4100 Series is a 4100 series...
The vulnerability of Cisco UCS 6400 microprogramming software, related to insufficient resource control during its existence, allows a hacker to trigger a service failure.
The vulnerability of Cisco UCS 6400 microprogrammed software is related to insufficient resource control during its existence. Exploiting this vulnerability can allow a malicious actor to cause service failures...
Cisco Unified Computing System (UCS) Central Software Improper Certificate Validation (cisco-sa-ucs-invcert-eOpRvCKH)
According to its self-reported version, Cisco Unified Computing System Central Software is affected by an improper certificate validation vulnerability. An authenticated, adjacent attacker could exploit this, by sending a crafted HTTP request to the registration API, to register a rogue Cisco UCS...
Cisco UCS Manager 2.2(1d) - Remote Command Execution
Exploit Title: Cisco UCS Manager 2.21d - Remote Command Execution Description: An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System UCS Manager before 2.24b, 2.25 before 2.25a, and 3.0 before 3.02e allows remote attackers to execute...
Cisco Integrated Management Controller RCE (cisco-sa-ucs-api-rce-UXwpeDHd)
According to its self-reported version, Cisco Unified Computing System E-Series Software UCSE is affected by multiple remote code execution RCE vulnerabilities in the API subsystem due to improper boundary checks for certain user-supplied input. An unauthenticated, remote attacker can exploit...
Cisco Integrated Management Controller Authorization Bypass (cisco-sa-cimc-auth-zWkppJxL)
According to its self-reported version, Cisco Unified Computing System Management Software is affected by an authorization bypass vulnerability due to improper authorization checks on API endpoints. An authenticate, remote attacker can exploit this issue, by sending malicious requests to an API...
Cisco UCS Manager Software Local Management CLI DoS (cisco-sa-ucs-cli-dos-GQUxCnTe)
According to its self-reported version, Cisco Unified Computing System Managed is affected by a DoS vulnerability. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an...