2 matches found
Cisco UCS Director RestAPI Remote Code Execution (CVE-2020-3247)
A remote code execution vulnerability exists in Cisco UCS Directory. The vulnerability is due to insufficient validation of user input within ApplianceFileUploadEntryFormPage class' CopyFileRunnable run method. A remote authenticated attacker can exploit the vulnerability by sending malicious...
CVE-2020-3247 Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data
Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section o...