EUVD-2025-27688

Malicious code in bioql PyPI...

Cisco UCS Fabric Interconnects Command Injection (cisco-sa-ucs-multi-cmdinj-E4Ukjyrz)

According to its self-reported version, Cisco Unified Computing System UCS Fabric Interconnect is affected by multiple vulnerabilities. - Vulnerability in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with administrative...

CVE-2025-20294

CVE-2025-20294 affects Cisco UCS Manager Software, specifically the CLI and web-based management interface. The root cause is insufficient input validation of command arguments, which could allow an authenticated, remote attacker with administrative privileges to perform command injection and esc...

Cisco NX-OS Software Sensitive Log Information Disclosure Vulnerability

A vulnerability in the logging feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches in standalone NX-OS mode, Cisco UCS 6400 Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects, and Cisco UCS 9108 100G Fabric Interconnects could allow...

PT-2025-34893 · Cisco · Cisco Ucs Manager

Name of the Vulnerable Software and Affected Versions: Cisco UCS Manager Software affected versions not specified Description: A vulnerability exists in the web-based management interface that could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack agains...

Cisco Integrated Management Controller 安全漏洞

Cisco Integrated Management Controller IMC is a suite of software from Cisco USA for the management of UCS Unified Computing System. The software supports HTTP, SSH access, etc., and allows operations such as powering up, shutting down, and rebooting servers. A security vulnerability exists in...

CVE-2012-4110

run-script in the fabric-interconnect component in Cisco Unified Computing System UCS allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86560...

CVE-2012-4096

The local file editor in the Baseboard Management Controller BMC in Cisco Unified Computing System UCS allows local users to gain privileges and modify arbitrary fabric-interconnect files, in the context of a vi process, via unspecified commands, aka Bug ID CSCtn06574...

CVE-2013-1190

The C-Series Rack Server component 1.4 in Cisco Unified Computing System UCS does not properly restrict inbound access to ports, which allows remote attackers to cause a denial of service Integrated Management Controller reboot or hang via crafted packets, as demonstrated by nmap, aka Bug ID...

CVE-2013-1181

Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.03N22, Nexus 3000 devices 5.x before 5.03U32, and Unified Computing System UCS 6200 devices before 2.01w allows remote attackers to cause a denial of service device reload by sending a jumbo packet to the management interface, aka Bug IDs...

CVE-2013-1184

The management API in the XML API management service in the Manager component in Cisco Unified Computing System UCS 1.x before 1.21b allows remote attackers to cause a denial of service service outage via a malformed request, aka Bug ID CSCtg48206...

CVE-2013-1186

Cisco Unified Computing System UCS 1.x before 1.44 and 2.x before 2.02m allows remote attackers to bypass KVM authentication via a crafted authentication request to a Cisco Integrated Management Controller IMC, aka Bug ID CSCts53746...

CVE-2013-1185

The web interface in the Manager component in Cisco Unified Computing System UCS 1.x and 2.x before 2.02m allows remote attackers to obtain sensitive information by reading a 1 technical-support bundle file or 2 on-device configuration backup, aka Bug ID CSCtq86543...

CVE-2013-1178

Multiple buffer overflows in the Cisco Discovery Protocol CDP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.24 and 6.x before 6.11, Nexus 5000 and 5500 devices 4.x and 5.x before 5.13N11, Nexus 4000 devices before 4.12E11h, Nexus 3000 devices 5.x before 5.03U31, Nexus...

CVE-2012-1364

Cisco Unified Computing System UCS 1.4 and 2.0 allows remote authenticated users to cause a denial of service device reload via a malformed SNMP request to a Fabric Interconnect FI device, aka Bug ID CSCts32452...

CVE-2012-4117

The fabric-interconnect component in Cisco Unified Computing System UCS does not properly verify X.509 certificates, which allows man-in-the-middle attackers to watch SSL KVM video-channel traffic or modify this traffic via a crafted certificate, aka Bug ID CSCtr73033...

CVE-2012-4116

The fabric-interconnect component in Cisco Unified Computing System UCS does not encrypt KVM media traffic, which allows remote attackers to obtain sensitive information, and consequently complete the authentication process for a server connection, by sniffing the network, aka Bug ID CSCtr72970...

CVE-2012-4115

The fabric-interconnect component in Cisco Unified Computing System UCS does not encrypt KVM virtual-media data, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or modify this traffic by inserting packets into the client-server data stream, aka Bug...

CVE-2012-4112

The Baseboard Management Controller BMC in Cisco Unified Computing System UCS allows local users to gain privileges and execute arbitrary commands via crafted command parameters within the command-line interface, aka Bug ID CSCtr43330...

CVE-2012-4111

The create certreq command in the fabric-interconnect component in Cisco Unified Computing System UCS allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86563...