37 matches found

Packet Storm
added 2023/07/17 12:0 a.m., 266 views

Cisco UCS-IMC Supervisor 2.2.0.0 Authentication Bypass

Exploit Title: Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass + Cisco IMC Supervisor - 2.2.1.0 + Date: 08/21/2019 + Affected Component: /app/ui/ClientServlet?apiName=GetUserInfo + Vendor:...

CVSS 10, AI score 7.1, EPSS 0.90436
Exploits: 14

0day.today
added 2023/07/15 12:0 a.m., 196 views

Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass Vulnerability

Exploit Title: Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass + Cisco IMC Supervisor - 2.2.1.0 + Affected Component: /app/ui/ClientServlet?apiName=GetUserInfo + Vendor:...

CVSS 10, AI score 7.1, EPSS 0.90436
Exploits: 14

NVD
added 2020/05/06 5:15 p.m., 12 views

CVE-2020-3329

A vulnerability in role-based access control of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow a read-only authenticated, remote attacker to disable user accounts on an affected system. The vulnerability is due to...

CVSS 4.3, AI score 4.8, EPSS 0.00139
Exploits: 0, References: 1

Vulnrichment
added 2020/05/06 4:40 p.m., 7 views

CVE-2020-3329 Cisco IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Role-Based Access Control Vulnerability

A vulnerability in role-based access control of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow a read-only authenticated, remote attacker to disable user accounts on an affected system. The vulnerability is due to...

CVSS 4.3, AI score 7.1, EPSS 0.00139
Exploits: 0, References: 1

Cvelist
added 2020/05/06 4:40 p.m., 14 views

CVE-2020-3329 Cisco IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Role-Based Access Control Vulnerability

A vulnerability in role-based access control of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow a read-only authenticated, remote attacker to disable user accounts on an affected system. The vulnerability is due to...

CVSS 4.3, AI score 4.8, EPSS 0.00139
Exploits: 0, References: 1

Cisco
added 2020/05/06 4:0 p.m., 27 views

Cisco IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Role-Based Access Control Vulnerability

A vulnerability in role-based access control of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow a read-only authenticated, remote attacker to disable user accounts on an affected system. The vulnerability is due to...

CVSS 4.3, AI score 4.8, EPSS 0.00139
Exploits: 0, References: 1

Packet Storm
added 2019/09/02 12:0 a.m., 275 views

Cisco UCS Director Default scpuser Password

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/ssh' require 'net/ssh/commandstream' class MetasploitModule "Cisco UCS Director default scpuser password", 'Description' = %q This module abuses a known...

CVSS 10, AI score 0.7, EPSS 0.88998
Exploits: 8

0day.today
added 2019/09/02 12:0 a.m., 64 views

Cisco UCS Director Unauthenticated Remote Code Execution Exploit

The Cisco UCS Director virtual appliance contains two flaws that can be combined and abused by an attacker to achieve remote code execution as root. The first one, CVE-2019-1937, is an authentication bypass, that allows the attacker to authenticate as an administrator. The second one,...

CVSS 10, AI score 0.9, EPSS 0.90436
Exploits: 15

Metasploit
added 2019/08/28 3:55 a.m., 53 views

Cisco UCS Director Unauthenticated Remote Code Execution

The Cisco UCS Director virtual appliance contains two flaws that can be combined and abused by an attacker to achieve remote code execution as root. The first one, CVE-2019-1937, is an authentication bypass, that allows the attacker to authenticate as an administrator. The second one,...

CVSS 7.2, AI score 10.1, EPSS 0.90436
Exploits: 15

CNVD
added 2019/08/26 12:0 a.m., 2 views

Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Input Validation Error Vulnerability

Cisco Integrated Management Controller IMC Supervisor is a set of rack-mounted server centralized management system. Cisco UCS Director is a heterogeneous platform for private cloud Infrastructure as a Service IaaS. Cisco UCS Director Express for Big Data is a unified infrastructure management...

CVSS 9, AI score 7.7, EPSS 0.66274
Exploits: 7, References: 1

CISA
added 2019/08/22 12:0 a.m., 20 views

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in Cisco Integrated Management Controller IMC Supervisor, Unified Computing System UCS Director, and UCS Director Express for Big Data. A remote attacker could exploit these vulnerabilities to take control of an affected system. The...

AI score 7
Exploits: 0, References: 4

NVD
added 2019/08/21 7:15 p.m., 16 views

CVE-2019-1937

A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to acquire a valid session token with administrator privileges, bypassing...

CVSS 10, AI score 9.8, EPSS 0.90436
Exploits: 14, References: 6

OSV
added 2019/08/21 7:15 p.m., 1 views

CVE-2019-1935

A vulnerability in Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account scpuser, which has default user...

CVSS 9.8, AI score 7.5
Exploits: 0, References: 5

Prion
added 2019/08/21 7:15 p.m., 16 views

Design/Logic Flaw

A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass user authentication and gain access as an administrative user...

CVSS 10, AI score 9.7, EPSS 0.11595
Exploits: 0, References: 1, Affected Software: 3

Vulnrichment
added 2019/08/21 6:30 p.m., 7 views

CVE-2019-1974 Cisco IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Authentication Bypass Vulnerability

A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass user authentication and gain access as an administrative user...

CVSS 9.8, AI score 7.9, EPSS 0.11595
Exploits: 0, References: 1

Vulnrichment
added 2019/08/21 6:25 p.m., 9 views

CVE-2019-1935 Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data SCP User Default Credentials Vulnerability

A vulnerability in Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account scpuser, which has default user...

CVSS 9.8, AI score 8.2, EPSS 0.88998
Exploits: 8, References: 5

Cvelist
added 2019/08/21 6:25 p.m., 20 views

CVE-2019-1936 Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux shell as the root use...

CVSS 7.2, AI score 7.4, EPSS 0.66274
Exploits: 7, References: 5

Cvelist
added 2019/08/21 6:25 p.m., 21 views

CVE-2019-1937 Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Authentication Bypass Vulnerability

A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to acquire a valid session token with administrator privileges, bypassing...

CVSS 9.8, AI score 8.5, EPSS 0.90436
Exploits: 14, References: 6

CVE
added 2019/08/21 6:25 p.m., 186 views

CVE-2019-1937

CVE-2019-1937 affects Cisco UCS Director/UCS Director Express for Big Data and IMC Supervisor via an authentication bypass in the web-based management interface caused by insufficient request header validation. An unauthenticated remote attacker could obtain a valid administrator session token an...

CVSS 10, AI score 9.7, EPSS 0.90436
Exploits: 14, References: 6, Affected Software: 1

CVE
added 2019/08/21 6:5 p.m., 55 views

CVE-2019-12634

Cisco CVE-2019-12634 affects the web-based management interfaces for IMC Supervisor, Cisco UCS Director, and UCS Director Express for Big Data. The root cause is a missing authentication check in an API call, allowing an unauthenticated, remote attacker to log off all currently authenticated user...

CVSS 8.6, AI score 7.7, EPSS 0.02327
Exploits: 0, References: 1, Affected Software: 3