Lucene search
K

754 matches found

Prion
Prion
added 2013/10/13 10:20 a.m.21 views

Design/Logic Flaw

The fabric-interconnect component in Cisco Unified Computing System UCS uses the same privilege level for execution of every script, which allows local users to gain privileges and execute arbitrary commands via an unspecified script-execution approach, aka Bug ID CSCtq86477...

6.8CVSS8.1AI score0.004EPSS
Exploits0References3
Prion
Prion
added 2013/10/13 10:20 a.m.18 views

Design/Logic Flaw

The fabric-interconnect component in Cisco Unified Computing System UCS allows local users to gain privileges and execute arbitrary operating-system commands via crafted parameters to a file-related command, aka Bug ID CSCtq86554...

6.8CVSS7.8AI score0.00351EPSS
Exploits0References1
NVD
NVD
added 2013/10/13 10:19 a.m.22 views

CVE-2012-4105

The fabric-interconnect component in Cisco Unified Computing System UCS allows local users to cause a denial of service component crash via crafted "debug hardware" parameters, aka Bug ID CSCtq86468...

4.6CVSS6.2AI score0.00309EPSS
Exploits0References3
Prion
Prion
added 2013/10/13 10:19 a.m.21 views

Code injection

The fabric-interconnect component in Cisco Unified Computing System UCS allows local users to cause a denial of service component crash via crafted "debug hardware" parameters, aka Bug ID CSCtq86468...

4.6CVSS6.7AI score0.00309EPSS
Exploits0References3
CVE
CVE
added 2013/10/13 10:0 a.m.48 views

CVE-2012-4105

The CVE-2012-4105 issue affects the Cisco UCS fabric interconnect; the vulnerability arises from improper filtering of user-supplied parameters in the debug hardware command, allowing an authenticated, local attacker to crash the FI (DoS) via crafted parameters (Bug ID CSCtq86468). Affected compo...

4.6CVSS6.4AI score0.00309EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2013/10/13 10:0 a.m.23 views

CVE-2012-4105

The fabric-interconnect component in Cisco Unified Computing System UCS allows local users to cause a denial of service component crash via crafted "debug hardware" parameters, aka Bug ID CSCtq86468...

6.2AI score0.00309EPSS
Exploits0References3
Cvelist
Cvelist
added 2013/10/13 10:0 a.m.25 views

CVE-2012-4108

The fabric-interconnect component in Cisco Unified Computing System UCS allows local users to gain privileges and execute arbitrary operating-system commands via crafted parameters to a file-related command, aka Bug ID CSCtq86554...

7.3AI score0.00351EPSS
Exploits0References1
CVE
CVE
added 2013/10/13 10:0 a.m.61 views

CVE-2012-4106

The CVE-2012-4106 issue affects Cisco UCS fabric interconnects. Affected component: fabric-interconnect in Cisco Unified Computing System (UCS). Root cause: all scripts execute at the same privilege level, allowing a local attacker to escalate privileges and run arbitrary CLI commands via an exis...

6.8CVSS7.8AI score0.004EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2013/10/13 10:0 a.m.23 views

CVE-2012-4107

The fabric-interconnect component in Cisco Unified Computing System UCS allows local users to gain privileges and execute arbitrary commands via crafted parameters to a file-related command, aka Bug ID CSCtq86489...

7.3AI score0.0028EPSS
Exploits0References2
CVE
CVE
added 2013/10/13 10:0 a.m.66 views

CVE-2012-4107

The CVE-2012-4107 entry describes a privilege-escalation flaw in Cisco UCS fabric interconnects. Affected component: fabric interconnect of Cisco Unified Computing System. Root cause: improper filtering of user-supplied parameters to certain file-related commands allows a local attacker to gain e...

4.6CVSS7.5AI score0.0028EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2013/10/13 10:0 a.m.48 views

CVE-2012-4108

The CVE-2012-4108 entry concerns Cisco Unified Computing System (UCS) fabric interconnect. The vulnerability arises from improper filtering of user-supplied parameters to a file-related command, enabling an authenticated, local attacker to gain privileges and execute arbitrary operating-system co...

6.8CVSS7.5AI score0.00351EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2013/10/13 10:0 a.m.27 views

CVE-2012-4106

The fabric-interconnect component in Cisco Unified Computing System UCS uses the same privilege level for execution of every script, which allows local users to gain privileges and execute arbitrary commands via an unspecified script-execution approach, aka Bug ID CSCtq86477...

7.5AI score0.004EPSS
Exploits0References3
Cisco
Cisco
added 2013/10/09 4:4 p.m.29 views

Cisco Unified Computing System Fabric Interconnect Cross-Site Request Forgery Vulnerability

A vulnerability in the fabric interconnect FI web management interface of the Cisco Unified Computing System could allow an unauthenticated, remote attacker to conduct cross-site request forgery CSRF attacks. The vulnerability occurs because the web interface relies on cookies to authenticate...

4.3CVSS3.4AI score0.00817EPSS
Exploits0References1
NVD
NVD
added 2013/10/05 10:55 a.m.14 views

CVE-2012-4084

Cross-site request forgery CSRF vulnerability in the web-management interface in the fabric interconnect FI component in Cisco Unified Computing System UCS allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCtg20755...

6.8CVSS7.2AI score0.00817EPSS
Exploits0References5
Prion
Prion
added 2013/10/05 10:55 a.m.17 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the web-management interface in the fabric interconnect FI component in Cisco Unified Computing System UCS allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCtg20755...

6.8CVSS7.7AI score0.00817EPSS
Exploits0References5
CVE
CVE
added 2013/10/05 10:0 a.m.56 views

CVE-2012-4084

Cisco UCS Fabric Interconnect web management interface CSRF vulnerability (CVE-2012-4084) allows unauthenticated remote attackers to hijack user authentication via cookie-based session handling. Exploitation would enable the attacker to perform actions as the affected user; Cisco notes that softw...

6.8CVSS7.4AI score0.00817EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2013/10/05 10:0 a.m.21 views

CVE-2012-4084

Cross-site request forgery CSRF vulnerability in the web-management interface in the fabric interconnect FI component in Cisco Unified Computing System UCS allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCtg20755...

7.2AI score0.00817EPSS
Exploits0References5
Cisco
Cisco
added 2013/10/03 12:40 p.m.27 views

Cisco Unified Computing System Fabric Interconnect create certreq Command Injection Vulnerability

A vulnerability in the create certreq command of the Cisco Unified Computing System fabric interconnect could allow an authenticated, local attacker to execute commands and obtain an interactive Linux shell as the root user. The vulnerability is due to a failure to properly sanitize user input. A...

6.8CVSS3AI score0.00346EPSS
Exploits0References1
CVE
CVE
added 2013/10/03 10:0 a.m.57 views

CVE-2012-4136

The CVE-2012-4136 issue affects Cisco UCS Fabric Interconnect’s high-availability service. The root cause is improper binding of the cluster service to the management interface, which can let a remote attacker connected via Telnet access sensitive information or cause a peer‑syncing denial of ser...

6.8CVSS6.7AI score0.0116EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2013/10/03 10:0 a.m.21 views

CVE-2012-4136

The high-availability service in the Fabric Interconnect component in Cisco Unified Computing System UCS does not properly bind the cluster service to the management interface, which allows remote attackers to obtain sensitive information or cause a denial of service peer-syncing outage via a...

6.6AI score0.0116EPSS
Exploits0References2
Rows per page
Query Builder