11 matches found
Cisco UCS-IMC Supervisor 2.2.0.0 Authentication Bypass
Exploit Title: Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass + Cisco IMC Supervisor - 2.2.1.0 + Date: 08/21/2019 + Affected Component: /app/ui/ClientServlet?apiName=GetUserInfo + Vendor:...
Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass Vulnerability
Exploit Title: Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass + Cisco IMC Supervisor - 2.2.1.0 + Affected Component: /app/ui/ClientServlet?apiName=GetUserInfo + Vendor:...
Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass
Exploit Title: Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass + Cisco IMC Supervisor - 2.2.1.0 + Date: 08/21/2019 + Affected Component: /app/ui/ClientServlet?apiName=GetUserInfo + Vendor:...
Cisco UCS Director Web Interface Authentication Bypass (CVE-2019-1937)
An authentication bypass vulnerability exists in Cisco UCS Director web interface. Successful exploitation of this vulnerability could allow a remote attacker to bypass login authentication and gain unauthorized access to the vulnerable system...
Cisco UCS Director authentication bypass and command injection
Added: 09/13/2019 CVE: CVE-2019-1937 Background Cisco UCS Director is a heterogeneous platform for private cloud Infrastructure as a Service IaaS. Problem An authentication bypass vulnerability in the ClientServlet allows unauthenticated users to gain an administrative session. Furthermore, a...
Cisco UCS Director authentication bypass and command injection
Added: 09/13/2019 CVE: CVE-2019-1937 Background Cisco UCS Director is a heterogeneous platform for private cloud Infrastructure as a Service IaaS. Problem An authentication bypass vulnerability in the ClientServlet allows unauthenticated users to gain an administrative session. Furthermore, a...
CVE-2019-1937
creationtimestamp| type| source ---|---|--- 2019-09-02 15:56:25+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ciscoucsrce.rb 2020-05-12 13:27:31+00:00| seen| https://t.me/Ninjutsuos/134 2020-05-12 13:27:34+00:00| seen|...
Cisco UCS Director Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco UCS Director Unauthenticated Remote Code Execution', 'Description' = %q The Cisco UCS Director virtual appliance contains two flaws that ca...
Cisco UCS Director Unauthenticated Remote Code Execution
The Cisco UCS Director virtual appliance contains two flaws that can be combined and abused by an attacker to achieve remote code execution as root. The first one, CVE-2019-1937, is an authentication bypass, that allows the attacker to authenticate as an administrator. The second one,...
Cisco UCS / IMC Supervisor Authentication Bypass / Command Injection
Multiple critical vulnerabilities in Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data Discovered by Pedro Ribeiro [email protected] from Agile Information Security...
Cisco UCS Director Authentication Bypass (cisco-sa-20190821-imcs-ucs-authby)
According to its self-reported version, the remote host is running a version of Cisco UCS Director that is affected by an authentication bypass vulnerability. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary actions with administrative privileges...