Cisco UCS Director Cloupia Script Remote Code Execution Exploit

This Metasploit module exploits an authentication bypass and directory traversals in Cisco UCS Director versions prior to 6.7.4.0 to leak the administrator's REST API key and execute a Cloupia script containing an arbitrary root command. Note that the primary functionality of this module is to...

Cisco UCS Director Cloupia Script - Remote Code Execution

This Metasploit module exploits an authentication bypass and directory traversals in Cisco UCS Director This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco UCS Director Cloupia Script RCE',...

Cisco UCS Director Cloupia Script Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco UCS Director Cloupia Script RCE', 'Description' = %q This module exploits an authentication bypass and directory traversals in Cisco UCS...

Cisco UCS Director Cloupia Script RCE

This module exploits an authentication bypass and directory traversals in Cisco UCS Director 'Cisco UCS Director Cloupia Script RCE', 'Description' = %q This module exploits an authentication bypass and directory traversals in Cisco UCS Director 6.7.4.0 to leak the administrator's REST API key an...

Cisco UCS Director isEnableRestKeyAccessCheckForUser Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Cisco UCS Director. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the X-Cloupia-Request-Key field in requests. The issue results from...

Cisco Unified Computing System Director Information Disclosure Vulnerability

Cisco UCS Director formerly known as Cisco Cloupia is a set of converged infrastructure management solutions from the U.S. company Cisco Cisco. The solution enables users to manage computing power, network services, storage, and virtual machines from a single management console to deploy and...

CVE-2015-6259

CVE-2015-6259 affects Cisco Integrated Management Controller (IMC) Supervisor prior to 1.0.0.1 and Cisco UCS Director prior to 5.2.0.1. The JSP component enables remote attackers to overwrite arbitrary files via crafted HTTP requests, a vulnerability tracked as CSCus36435/CSCus62625. The issue is...

Cloupia End-to-end FlexPod Management Directory Traversal

No description provided by source. Cloupia End-to-end FlexPod Management - Directory Traversal Vulnerability Advisory Information Advisory ID: KUSTODIAN-2011-011 Date published: Jan 13, 2011 Vulnerability Information Class: Directory Traversal Remotely Exploitable: Yes Locally Exploitable: Yes...

CVE-2014-0709

Cisco UCS Director (formerly Cloupia) before 4.0.0.3 uses a hardcoded root password, enabling unauthenticated remote login via the CLI and full admin access over SSH. This mode of exploitation is documented across multiple sources (Cisco advisory CSCui73930/Cisco-SA-2014-0219-ucsd). Affected vers...

CVE-2014-0709

Cisco UCS Director formerly Cloupia before 4.0.0.3 has a hardcoded password for the root account, which makes it easier for remote attackers to obtain administrative access via an SSH session to the CLI interface, aka Bug ID CSCui73930...

Cloupia End-to-end FlexPod Management - Directory Traversal

Cloupia End-to-end FlexPod Management - Directory Traversal Vulnerability Advisory Information Advisory ID: KUSTODIAN-2011-011 Date published: Jan 13, 2011 Vulnerability Information Class: Directory Traversal Remotely Exploitable: Yes Locally Exploitable: Yes Software Description Provides...

Cloupia End-To-End FlexPod Management Directory Traversal

Cloupia End-to-end FlexPod Management - Directory Traversal Vulnerability Advisory Information Advisory ID: KUSTODIAN-2011-011 Date published: Jan 13, 2011 Vulnerability Information Class: Directory Traversal Remotely Exploitable: Yes Locally Exploitable: Yes Software Description Provides...

Cloupia End-to-end FlexPod Management Directory Traversal

Exploit for jsp platform in category web applications Cloupia End-to-end FlexPod Management - Directory Traversal Vulnerability Vulnerability Information Class: Directory Traversal Remotely Exploitable: Yes Locally Exploitable: Yes Software Description Provides end-to-end FlexPod management and...

Cloupia Framework E2E - Directory Traversal Vulnerability

Document Title: =============== Cloupia Framework E2E - Directory Traversal Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=182 ID: KUSTODIAN-2011-011 Release Date: ============= 2012-01-11 Vulnerability Laboratory ID VL-ID:...

Cloupia Framework E2E - Directory Traversal Vulnerability

Document Title: =============== Cloupia Framework E2E - Directory Traversal Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=182 ID: KUSTODIAN-2011-011 Release Date: ============= 2012-01-11 Vulnerability Laboratory ID VL-ID:...