Lucene search
K

754 matches found

Cvelist
Cvelist
added 2013/10/19 10:0 a.m.21 views

CVE-2012-4114

The fabric-interconnect KVM module in Cisco Unified Computing System UCS does not encrypt video data, which allows man-in-the-middle attackers to watch KVM display content by sniffing the network or modify this traffic by inserting packets into the client-server data stream, aka Bug ID CSCtr72949...

6.4AI score0.00848EPSS
Exploits0References1
Cvelist
Cvelist
added 2013/10/19 10:0 a.m.24 views

CVE-2012-4117

The fabric-interconnect component in Cisco Unified Computing System UCS does not properly verify X.509 certificates, which allows man-in-the-middle attackers to watch SSL KVM video-channel traffic or modify this traffic via a crafted certificate, aka Bug ID CSCtr73033...

6.3AI score0.00527EPSS
Exploits0References1
Cvelist
Cvelist
added 2013/10/19 10:0 a.m.25 views

CVE-2012-4113

The fabric-interconnect component in Cisco Unified Computing System UCS allows local users to gain privileges and read arbitrary files via crafted command parameters within the command-line interface, aka Bug ID CSCtr43374...

6.7AI score0.00302EPSS
Exploits0References1
CVE
CVE
added 2013/10/19 10:0 a.m.60 views

CVE-2012-4114

CVE-2012-4114 describes a vulnerability in the Cisco UCS Fabric Interconnect KVM module where video data is not encrypted, allowing a man-in-the-middle to sniff or insert packets between KVM server and remote display. Affected: Cisco UCS Fabric Interconnect KVM module (unconfirmed exact versions ...

5.8CVSS6.6AI score0.00848EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2013/10/19 10:0 a.m.56 views

CVE-2012-4116

The CVE-2012-4116 issue affects the Fabric Interconnect component of Cisco UCS, where KVM media traffic is not encrypted. This creates the potential for an unauthenticated, remote attacker to sniff traffic and obtain sensitive information, which could enable the attacker to complete the authentic...

4.3CVSS6.9AI score0.01119EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2013/10/19 10:0 a.m.50 views

CVE-2012-4113

The CVE-2012-4113 issue affects Cisco UCS Fabric Interconnect. It allows an authenticated, local attacker to view arbitrary files on the device’s filesystem by supplying crafted CLI command parameters. Root cause is improper filtering of user-supplied parameters in the CLI. Exploitation requires ...

4.6CVSS6.9AI score0.00302EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2013/10/19 10:0 a.m.58 views

CVE-2012-4117

The CVE-2012-4117 issue concerns Cisco UCS Fabric Interconnect, where the server SSL certificate is not properly verified. This allows a man-in-the-middle attacker to watch or modify SSL KVM video-channel traffic via a crafted certificate. The vulnerability is tied to Bug ID CSCtr73033. Cisco’s a...

5.8CVSS6.5AI score0.00527EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2013/10/19 10:0 a.m.25 views

CVE-2012-4116

The fabric-interconnect component in Cisco Unified Computing System UCS does not encrypt KVM media traffic, which allows remote attackers to obtain sensitive information, and consequently complete the authentication process for a server connection, by sniffing the network, aka Bug ID CSCtr72970...

6.7AI score0.01119EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/18 2:47 p.m.27 views

Cisco Unified Computing System Fabric Interconnect Man-In-The-Middle Vulnerability

A vulnerability in the Fabric Interconnect of Cisco Unified Computing System could allow an unauthenticated, remote attacker to execute a man-in-the-middle attack. The vulnerability is due to improper verification of the server SSL certificate. An attacker could exploit this vulnerability by...

4.3CVSS2.5AI score0.00527EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/18 2:41 p.m.25 views

Cisco Unified Computing System Fabric Interconnect Information Disclosure Vulnerability

A vulnerability in the Fabric Interconnect of Cisco Unified Computing System could allow an unauthenticated, remote attacker to capture KVM media connection credentials. The vulnerability is due to improperly securing the KVM media traffic between the server and the client. An attacker could...

4.3CVSS2.1AI score0.01119EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/18 2:39 p.m.34 views

Cisco Unified Computing System Fabric Interconnect Information Disclosure Vulnerability

A vulnerability in the Fabric Interconnect of Cisco Unified Computing System could allow an unauthenticated, remote attacker to capture or modify KVM virtual media traffic. The vulnerability is due to improperly securing the KVM virtual media traffic between the server and the client. An attacker...

4.3CVSS3.2AI score0.00848EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/17 3:30 p.m.27 views

Cisco Unified Computing System Fabric Interconnect Arbitrary File Read Vulnerability

A vulnerability in the fabric interconnect of the Cisco Unified Computing System could allow an authenticated, local attacker to view arbitrary files on the underlying filesystem. The vulnerability is due to improper filtering of user-supplied parameters. An attacker could exploit this...

4.6CVSS2.2AI score0.00302EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/14 8:48 p.m.28 views

Cisco Unified Computing System Fabric Interconnect Arbitrary File Creation Vulnerability

A vulnerability in the fabric interconnect of the Cisco Unified Computing System could allow an authenticated, local attacker to execute commands with elevated privileges. The vulnerability is due to improper filtering of user-supplied parameters. An attacker could exploit this vulnerability by...

4.6CVSS3.2AI score0.0028EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/14 8:10 p.m.26 views

Cisco Unified Computing System Fabric Interconnect Denial of Service Vulnerability

A vulnerability in the fabric interconnect FI of the Cisco Unified Computing System could allow an authenticated, local attacker to create a denial of service DoS condition. The vulnerability is due to improper filtering of user-supplied parameters. An attacker could exploit this vulnerability by...

4.6CVSS2.1AI score0.00309EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/14 2:58 p.m.28 views

Cisco Unified Computing System Fabric Interconnect Privilege Escalation Vulnerability

A vulnerability in the fabric interconnect of the Cisco Unified Computing System could allow an authenticated, local attacker to execute scripts with elevated privileges. The vulnerability occurs because all scripts are executed at the same privilege level. An attacker could exploit this...

6.8CVSS3.4AI score0.004EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/14 2:39 p.m.26 views

Cisco Unified Computing System Fabric Interconnect Command Injection Vulnerability

A vulnerability in the fabric interconnect of the Cisco Unified Computing System could allow an authenticated, local attacker to execute commands on the underlying operating system. The vulnerability is due to improper filtering of user-supplied parameters. An attacker could exploit this...

6.8CVSS2.8AI score0.00351EPSS
Exploits0References1
NVD
NVD
added 2013/10/13 10:20 a.m.22 views

CVE-2012-4106

The fabric-interconnect component in Cisco Unified Computing System UCS uses the same privilege level for execution of every script, which allows local users to gain privileges and execute arbitrary commands via an unspecified script-execution approach, aka Bug ID CSCtq86477...

6.8CVSS7.5AI score0.004EPSS
Exploits0References3
NVD
NVD
added 2013/10/13 10:20 a.m.22 views

CVE-2012-4108

The fabric-interconnect component in Cisco Unified Computing System UCS allows local users to gain privileges and execute arbitrary operating-system commands via crafted parameters to a file-related command, aka Bug ID CSCtq86554...

6.8CVSS7.3AI score0.00351EPSS
Exploits0References1
NVD
NVD
added 2013/10/13 10:20 a.m.24 views

CVE-2012-4107

The fabric-interconnect component in Cisco Unified Computing System UCS allows local users to gain privileges and execute arbitrary commands via crafted parameters to a file-related command, aka Bug ID CSCtq86489...

4.6CVSS7.3AI score0.0028EPSS
Exploits0References2
Prion
Prion
added 2013/10/13 10:20 a.m.25 views

Command injection

The fabric-interconnect component in Cisco Unified Computing System UCS allows local users to gain privileges and execute arbitrary commands via crafted parameters to a file-related command, aka Bug ID CSCtq86489...

4.6CVSS7.8AI score0.0028EPSS
Exploits0References2
Rows per page
Query Builder