Cisco UCS-IMC Supervisor 2.2.0.0 Authentication Bypass
Exploit Title: Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass + Cisco IMC Supervisor - 2.2.1.0 + Date: 08/21/2019 + Affected Component: /app/ui/ClientServlet?apiName=GetUserInfo + Vendor:...
Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass
Exploit Title: Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass + Cisco IMC Supervisor - 2.2.1.0 + Date: 08/21/2019 + Affected Component: /app/ui/ClientServlet?apiName=GetUserInfo + Vendor:...
Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass Vulnerability
Exploit Title: Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass + Cisco IMC Supervisor - 2.2.1.0 + Affected Component: /app/ui/ClientServlet?apiName=GetUserInfo + Vendor:...
CVE-2020-3329
A vulnerability in role-based access control of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow a read-only authenticated, remote attacker to disable user accounts on an affected system. The vulnerability is due to...
CVE-2020-3329 Cisco IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Role-Based Access Control Vulnerability
A vulnerability in role-based access control of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow a read-only authenticated, remote attacker to disable user accounts on an affected system. The vulnerability is due to...
Cisco IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Role-Based Access Control Vulnerability
A vulnerability in role-based access control of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow a read-only authenticated, remote attacker to disable user accounts on an affected system. The vulnerability is due to...
Cisco IMC Supervisor and Cisco UCS Director Command Injection (CVE-2019-1936)
A command injection vulnerability exists in Cisco IMC Supervisor and Cisco UCS Director. Successful exploitation of this vulnerability would allow remote attackers to execute arbitrary commands in the affected system...
Cisco UCS Director authentication bypass and command injection
Added: 09/13/2019 CVE: CVE-2019-1937 Background: Cisco UCS Director is a heterogeneous platform for private cloud Infrastructure as a Service (IaaS). Problem: An authentication bypass vulnerability in the ClientServlet allows unauthenticated users to gain an administrative session. Furthermore, a...
Cisco UCS Director Default scpuser Password
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/ssh' require 'net/ssh/commandstream' class MetasploitModule "Cisco UCS Director default scpuser password", 'Description' = %q This module abuses a known...
Cisco UCS Director Unauthenticated Remote Code Execution Exploit
The Cisco UCS Director virtual appliance contains two flaws that can be combined and abused by an attacker to achieve remote code execution as root. The first one, CVE-2019-1937, is an authentication bypass that allows the attacker to authenticate as an administrator. The second one,...
The vulnerability affects the web interface for managing the Cisco Integrated Management Controller (IMC) Supervisor, as well as tools for managing physical infrastructure and IaaS virtual environments like Cisco UCS Director and Cisco UCS Director Express for Big Data. This allows a malicious actor to trigger a service failure.
The vulnerability in the web interface for managing the Cisco Integrated Management Controller (IMC) Supervisor, as well as in tools for managing physical infrastructure and IaaS virtual environments like Cisco UCS Director and Cisco UCS Director Express for Big Data, is related to the lack of...
Cisco UCS Director Unauthenticated Remote Code Execution
The Cisco UCS Director virtual appliance contains two flaws that can be combined and abused by an attacker to achieve remote code execution as root. The first one, CVE-2019-1937, is an authentication bypass that allows the attacker to authenticate as an administrator. The second one,...
Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Input Validation Error Vulnerability
Cisco Integrated Management Controller (IMC) Supervisor is a centralized management system for rack-mounted servers. Cisco UCS Director is a heterogeneous platform for private cloud Infrastructure as a Service (IaaS). Cisco UCS Director Express for Big Data is a unified infrastructure management...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in Cisco Integrated Management Controller (IMC) Supervisor, Unified Computing System (UCS) Director, and UCS Director Express for Big Data. A remote attacker could exploit these vulnerabilities to take control of an affected system. The...
CVE-2019-1935
A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account (scpuser), which has default user...
CVE-2019-1937
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to acquire a valid session token with administrator privileges, bypassing...
Design/Logic Flaw
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass user authentication and gain access as an administrative user...
CVE-2019-1974 Cisco IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Authentication Bypass Vulnerability
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass user authentication and gain access as an administrative user...
CVE-2019-1935 Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data SCP User Default Credentials Vulnerability
A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account (scpuser), which has default user...