Lucene search
K

754 matches found

Cvelist
Cvelist
added 2013/09/25 10:0 a.m.24 views

CVE-2012-4086

A setup script for fabric interconnect devices in Cisco Unified Computing System UCS allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20790...

7.7AI score0.02916EPSS
Exploits0References3
Cisco
Cisco
added 2013/09/24 8:20 p.m.24 views

Cisco Unified Computing System Fabric Interconnect Devices Arbitrary Command Execution Vulnerability

A vulnerability in the initial setup script of Cisco Unified Computing System fabric interconnect FI devices could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. The vulnerability is due to unfiltered input in the cluster initial...

5.1CVSS3AI score0.01944EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/24 7:45 p.m.26 views

Cisco Unified Computing System Fabric Interconnect Denial of Service Vulnerability

A vulnerability in Smart Call Home functionality in the fabric interconnect FI of Cisco Unified Computing System could allow an unauthenticated, remote attacker to create a denial of service DoS condition. The vulnerability is due to a buffer overflow in the Smart Call Home function. An attacker...

5.4CVSS1.8AI score0.02049EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/24 7:32 p.m.26 views

Cisco Unified Computing System Fabric Interconnect Devices Arbitrary Command Execution Vulnerability

A vulnerability in the initial setup script of Cisco Unified Computing System fabric interconnect devices could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. The vulnerability is due to unfiltered input in the initial configuration...

5.1CVSS3AI score0.02916EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/24 7:16 p.m.31 views

Cisco Unified Computing System Baseboard Management Controller Arbitrary Command Execution Vulnerability

A vulnerability in the fabric interconnect FI of Cisco Unified Computing System could allow an authenticated, local attacker to execute arbitrary commands on the Baseboard Management Controller BMC with elevated privileges. The vulnerability is due to improper input validation in the MCTOOLS...

6.6CVSS3.2AI score0.00319EPSS
Exploits0References1
NVD
NVD
added 2013/09/24 10:35 a.m.20 views

CVE-2012-4087

A cluster setup script for fabric interconnect devices in Cisco Unified Computing System UCS allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20793...

5.1CVSS7.7AI score0.01944EPSS
Exploits0References3
NVD
NVD
added 2013/09/24 10:35 a.m.24 views

CVE-2012-4089

MCTOOLS in the fabric interconnect in Cisco Unified Computing System UCS allows local users to execute arbitrary Baseboard Management Controller BMC commands by leveraging 1 local, 2 shell-level, or 3 debug-level privileges at the operating-system layer, aka Bug ID CSCtg76239...

6.6CVSS7.2AI score0.00319EPSS
Exploits0References3
Prion
Prion
added 2013/09/24 10:35 a.m.19 views

Command injection

A cluster setup script for fabric interconnect devices in Cisco Unified Computing System UCS allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20793...

5.1CVSS8.2AI score0.01944EPSS
Exploits0References3
Prion
Prion
added 2013/09/24 10:35 a.m.17 views

Command injection

MCTOOLS in the fabric interconnect in Cisco Unified Computing System UCS allows local users to execute arbitrary Baseboard Management Controller BMC commands by leveraging 1 local, 2 shell-level, or 3 debug-level privileges at the operating-system layer, aka Bug ID CSCtg76239...

6.6CVSS7.7AI score0.00319EPSS
Exploits0References3
CVE
CVE
added 2013/09/24 10:0 a.m.53 views

CVE-2012-4087

Cisco UCS Fabric Interconnect devices contain a vulnerability in the cluster initial setup script that allows an unauthenticated, remote attacker to execute arbitrary commands via invalid parameters. The root cause is unfiltered input during the initial configuration phase, restricting exploitati...

5.1CVSS8AI score0.01944EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2013/09/24 10:0 a.m.51 views

CVE-2012-4089

The CVE-2012-4089 issue affects Cisco Unified Computing System fabric interconnects (FI) via its MCTOOLS command. The root cause is improper input validation in MCTOOLS, enabling an authenticated, local attacker with local/shell-level/debug-level OS access to inject commands and execute arbitrary...

6.6CVSS7.4AI score0.00319EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2013/09/24 10:0 a.m.53 views

CVE-2012-4094

Cisco UCS Fabric Interconnect vulnerability CVE-2012-4094 is caused by a buffer overflow in the Smart Call Home feature. An unauthenticated, remote attacker could trigger a DoS by intercepting and spoofing specific control messages that cause Smart Call Home to generate reports. Cisco’s advisory ...

5.4CVSS7.1AI score0.02049EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2013/09/24 10:0 a.m.26 views

CVE-2012-4094

Buffer overflow in the Smart Call Home feature in the fabric interconnect in Cisco Unified Computing System UCS allows remote attackers to cause a denial of service by reading and forging control messages associated with Smart Call Home reports, aka Bug ID CSCtl00198...

6.9AI score0.02049EPSS
Exploits0References3
Prion
Prion
added 2013/09/20 6:55 p.m.17 views

Command injection

MCTools in the Cisco Management Controller in Cisco Unified Computing System UCS allows local users to gain privileges by entering crafted command-line parameters on a Fabric Interconnect device, aka Bug ID CSCtg20749...

6.8CVSS7AI score0.00345EPSS
Exploits0References3
Cvelist
Cvelist
added 2013/09/20 6:0 p.m.24 views

CVE-2012-4082

MCTools in the Cisco Management Controller in Cisco Unified Computing System UCS allows local users to gain privileges by entering crafted command-line parameters on a Fabric Interconnect device, aka Bug ID CSCtg20749...

6.5AI score0.00345EPSS
Exploits0References3
Cisco
Cisco
added 2013/09/19 5:8 p.m.24 views

Cisco Unified Computing System Cisco Management Controller Command Injection Vulnerability

A vulnerability in the Cisco Management Controller of the Cisco Unified Computing System could allow an authenticated, local attacker to execute commands on the underlying operation system with elevated privileges. The vulnerability is due to improper parameter input validation. An attacker could...

6.8CVSS3.2AI score0.00345EPSS
Exploits0References1
Prion
Prion
added 2013/08/30 1:55 a.m.15 views

Memory corruption

Memory leak in the CLI component on Cisco Unified Computing System UCS 6100 Fabric Interconnect devices, in certain situations that lack a SPAN session, allows local users to cause a denial of service memory consumption and device reset via a 1 "show monitor session all" or 2 "show monitor sessio...

4.6CVSS6.7AI score0.00339EPSS
Exploits0References4
Cvelist
Cvelist
added 2013/08/30 1:0 a.m.25 views

CVE-2013-3467

Memory leak in the CLI component on Cisco Unified Computing System UCS 6100 Fabric Interconnect devices, in certain situations that lack a SPAN session, allows local users to cause a denial of service memory consumption and device reset via a 1 "show monitor session all" or 2 "show monitor sessio...

6.2AI score0.00339EPSS
Exploits0References4
CVE
CVE
added 2013/08/30 1:0 a.m.57 views

CVE-2013-3467

CVE-2013-3467 affects Cisco UCS 6100 Series Fabric Interconnects. A memory leak in the CLI component can be triggered when running certain SPAN-agnostic commands, specifically either “show monitor session all” or “show monitor session,” by an authenticated, local attacker. The issue occurs becaus...

4.6CVSS6.4AI score0.00339EPSS
Exploits0References4Affected Software2
Cisco
Cisco
added 2013/08/29 7:48 p.m.21 views

Cisco UCS 6100 Fabric Interconnect Memory Leak Denial of Service Vulnerability

A vulnerability in the memory management when executing either the show monitor session all or show monitor session command-line interface CLI commands on the Cisco Unified Computing System UCS 6100 Series Fabric Interconnects could allow an authenticated, local attacker to trigger a memory leak...

4.6CVSS6.7AI score0.00339EPSS
Exploits0References1
Rows per page
Query Builder