Lucene search
K

754 matches found

Cvelist
Cvelist
added 2013/10/02 10:0 p.m.26 views

CVE-2012-4110

run-script in the fabric-interconnect component in Cisco Unified Computing System UCS allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86560...

6.8AI score0.00346EPSS
Exploits0References1
CVE
CVE
added 2013/10/02 10:0 p.m.47 views

CVE-2012-4104

CVE-2012-4104 affects Cisco UCS Fabric Interconnect’s image-download process, enabling absolute path traversal via a header-defined storage location. The underlying issue allows a local authenticated attacker to overwrite or delete arbitrary files on the filesystem by supplying a crafted image he...

6.6CVSS6.5AI score0.00352EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2013/10/02 9:48 p.m.28 views

Cisco Unified Computing System Fabric Interconnect clear sshkey Command Injection Vulnerability

A vulnerability in the clear sshkey command of the Cisco Unified Computing System fabric interconnect could allow an authenticated, local attacker to execute commands and obtain an interactive Linux shell as the root user. The vulnerability is due to a failure to properly sanitize user input. An...

6.8CVSS3.1AI score0.00346EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/02 9:45 p.m.26 views

Cisco Unified Computing System Fabric Interconnect run-script Command Injection Vulnerability

A vulnerability in the run-script command of the Cisco Unified Computing System fabric interconnect could allow an authenticated, local attacker to execute commands and obtain an interactive Linux shell as the root user. The vulnerability is due to a failure to properly sanitize user input. An...

6.8CVSS3AI score0.00346EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/02 7:39 p.m.27 views

Cisco Unified Computing System Fabric Interconnect activate firmware Command Injection Vulnerability

A vulnerability in the activate firmware command of the Cisco Unified Computing System fabric interconnect could allow an authenticated, local attacker to execute commands and obtain an interactive Linux shell as the root user. The vulnerability is due to a failure to properly sanitize user input...

6.8CVSS3AI score0.00346EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/01 7:10 p.m.25 views

Cisco Unified Computing System Fabric Interconnect Directory Traversal Vulnerability

A vulnerability in the image download process of the Cisco Unified Computing System fabric interconnect could allow an authenticated, local attacker to overwrite arbitrary files on the filesystem. The vulnerability occurs because the storage location is defined in the image header. An attacker...

6.6CVSS1.7AI score0.00352EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/01 5:9 p.m.26 views

Cisco Unified Computing System Baseboard Management Controller Arbitrary File Access Vulnerability

A vulnerability in the Baseboard Management Controller BMC local file editor of the Cisco Unified Computing System could allow an authenticated, local attacker to modify the contents of arbitrary files on the fabric interconnect. The vulnerability is due to a failure to properly sanitize user...

6.2CVSS1.9AI score0.00302EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/01 5:3 p.m.33 views

Cisco Unified Computing System Fabric Interconnect Arbitrary File Access Vulnerability

A vulnerability in the local file editor of the Cisco Unified Computing System fabric interconnect could allow an authenticated, local attacker to access arbitrary files on the userland filesystem with root privileges. The vulnerability is due to improper input filtering . An attacker could explo...

5.5CVSS2.8AI score0.00262EPSS
Exploits0References1
NVD
NVD
added 2013/10/01 12:55 a.m.18 views

CVE-2012-4096

The local file editor in the Baseboard Management Controller BMC in Cisco Unified Computing System UCS allows local users to gain privileges and modify arbitrary fabric-interconnect files, in the context of a vi process, via unspecified commands, aka Bug ID CSCtn06574...

6.2CVSS6.7AI score0.00302EPSS
Exploits0References1
Prion
Prion
added 2013/10/01 12:55 a.m.14 views

Command injection

The local file editor in the Baseboard Management Controller BMC in Cisco Unified Computing System UCS allows local users to gain privileges and modify arbitrary fabric-interconnect files, in the context of a vi process, via unspecified commands, aka Bug ID CSCtn06574...

6.2CVSS7.2AI score0.00302EPSS
Exploits0References1
CVE
CVE
added 2013/10/01 12:0 a.m.52 views

CVE-2012-4096

The CVE-2012-4096 issue affects Cisco UCS BMC local file editor. Affected product: Cisco Unified Computing System BMC. Description in Cisco advisory and Red Hat/NVD entries confirms that an authenticated, local attacker can modify arbitrary files on the fabric interconnect by abusing the local fi...

6.2CVSS6.9AI score0.00302EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2013/09/27 2:14 a.m.26 views

Cisco Unified Computing System Fabric Interconnect Denial of Service Vulnerability

A vulnerability in the public XML API service of Cisco Unified Computing System Fabric Interconnect could allow an unauthenticated, remote attacker to create a denial of service DoS condition. The vulnerability is due to improper input validation in the XML API service. An attacker could exploit...

5CVSS2.2AI score0.01218EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/27 2:7 a.m.26 views

Cisco Unified Computing System Fabric Interconnect Remote Access Vulnerability

A vulnerability in the high availability service of Cisco Unified Computing System Fabric Interconnect could allow an unauthenticated, remote attacker to gain access to sensitive information and prevent the cluster service from syncing with its peers. The vulnerability is due to improper binding ...

5.8CVSS2AI score0.0116EPSS
Exploits0References1
NVD
NVD
added 2013/09/26 2:16 p.m.20 views

CVE-2012-4079

The XML API service in the Fabric Interconnect component in Cisco Unified Computing System UCS allows remote attackers to cause a denial of service API service outage via a malformed XML document in a packet, aka Bug ID CSCtg48206...

5CVSS6.6AI score0.01218EPSS
Exploits0References2
Prion
Prion
added 2013/09/26 2:16 p.m.25 views

Code injection

The XML API service in the Fabric Interconnect component in Cisco Unified Computing System UCS allows remote attackers to cause a denial of service API service outage via a malformed XML document in a packet, aka Bug ID CSCtg48206...

5CVSS7.1AI score0.01218EPSS
Exploits0References2
CVE
CVE
added 2013/09/26 10:0 a.m.60 views

CVE-2012-4079

CVE-2012-4079 affects Cisco UCS Fabric Interconnect: the XML API service can be brought down by a remote, unauthenticated attacker sending a malformed XML packet. Root cause is improper input validation in the XML API service. Impact is a DoS (API service outage). Cisco’s advisory notes that soft...

5CVSS6.8AI score0.01218EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2013/09/26 10:0 a.m.29 views

CVE-2012-4079

The XML API service in the Fabric Interconnect component in Cisco Unified Computing System UCS allows remote attackers to cause a denial of service API service outage via a malformed XML document in a packet, aka Bug ID CSCtg48206...

6.6AI score0.01218EPSS
Exploits0References2
NVD
NVD
added 2013/09/25 10:31 a.m.20 views

CVE-2012-4086

A setup script for fabric interconnect devices in Cisco Unified Computing System UCS allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20790...

5.1CVSS7.7AI score0.02916EPSS
Exploits0References3
Prion
Prion
added 2013/09/25 10:31 a.m.16 views

Code injection

A setup script for fabric interconnect devices in Cisco Unified Computing System UCS allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20790...

5.1CVSS8.2AI score0.02916EPSS
Exploits0References3
CVE
CVE
added 2013/09/25 10:0 a.m.53 views

CVE-2012-4086

CVE-2012-4086 affects Cisco Unified Computing System (UCS) fabric interconnect devices. The issue resides in the initial setup script, where unfiltered input during configuration can be exploited by an unauthenticated, remote attacker to execute arbitrary commands on the underlying OS with the da...

5.1CVSS8AI score0.02916EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder