5 matches found
Cisco IMC Supervisor and Cisco UCS Director Command Injection (CVE-2019-1936)
A command injection vulnerability exists in Cisco IMC Supervisor and Cisco UCS Director. Successful exploitation of this vulnerability would allow remote attackers to execute arbitrary commands in the affected system...
CVE-2019-1936
creationtimestamp| type| source ---|---|--- 2019-09-02 15:56:25+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ciscoucsrce.rb 2025-02-06 03:13:44+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:14+00:00| seen|...
Cisco UCS Director Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco UCS Director Unauthenticated Remote Code Execution', 'Description' = %q The Cisco UCS Director virtual appliance contains two flaws that ca...
Cisco UCS Director Unauthenticated Remote Code Execution
The Cisco UCS Director virtual appliance contains two flaws that can be combined and abused by an attacker to achieve remote code execution as root. The first one, CVE-2019-1937, is an authentication bypass, that allows the attacker to authenticate as an administrator. The second one,...
CVE-2019-1936
CVE-2019-1936 is a command-injection vulnerability in the web-based management interface of Cisco IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data. It stems from insufficient input validation and, per Cisco’s advisory, can be exploited by an authenticated administra...