754 matches found
CVE-2012-4086
A setup script for fabric interconnect devices in Cisco Unified Computing System UCS allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20790...
Cisco Unified Computing System Fabric Interconnect Devices Arbitrary Command Execution Vulnerability
A vulnerability in the initial setup script of Cisco Unified Computing System fabric interconnect FI devices could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. The vulnerability is due to unfiltered input in the cluster initial...
Cisco Unified Computing System Fabric Interconnect Denial of Service Vulnerability
A vulnerability in Smart Call Home functionality in the fabric interconnect FI of Cisco Unified Computing System could allow an unauthenticated, remote attacker to create a denial of service DoS condition. The vulnerability is due to a buffer overflow in the Smart Call Home function. An attacker...
Cisco Unified Computing System Fabric Interconnect Devices Arbitrary Command Execution Vulnerability
A vulnerability in the initial setup script of Cisco Unified Computing System fabric interconnect devices could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. The vulnerability is due to unfiltered input in the initial configuration...
Cisco Unified Computing System Baseboard Management Controller Arbitrary Command Execution Vulnerability
A vulnerability in the fabric interconnect FI of Cisco Unified Computing System could allow an authenticated, local attacker to execute arbitrary commands on the Baseboard Management Controller BMC with elevated privileges. The vulnerability is due to improper input validation in the MCTOOLS...
CVE-2012-4087
A cluster setup script for fabric interconnect devices in Cisco Unified Computing System UCS allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20793...
CVE-2012-4089
MCTOOLS in the fabric interconnect in Cisco Unified Computing System UCS allows local users to execute arbitrary Baseboard Management Controller BMC commands by leveraging 1 local, 2 shell-level, or 3 debug-level privileges at the operating-system layer, aka Bug ID CSCtg76239...
Command injection
A cluster setup script for fabric interconnect devices in Cisco Unified Computing System UCS allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20793...
Command injection
MCTOOLS in the fabric interconnect in Cisco Unified Computing System UCS allows local users to execute arbitrary Baseboard Management Controller BMC commands by leveraging 1 local, 2 shell-level, or 3 debug-level privileges at the operating-system layer, aka Bug ID CSCtg76239...
CVE-2012-4087
Cisco UCS Fabric Interconnect devices contain a vulnerability in the cluster initial setup script that allows an unauthenticated, remote attacker to execute arbitrary commands via invalid parameters. The root cause is unfiltered input during the initial configuration phase, restricting exploitati...
CVE-2012-4089
The CVE-2012-4089 issue affects Cisco Unified Computing System fabric interconnects (FI) via its MCTOOLS command. The root cause is improper input validation in MCTOOLS, enabling an authenticated, local attacker with local/shell-level/debug-level OS access to inject commands and execute arbitrary...
CVE-2012-4094
Cisco UCS Fabric Interconnect vulnerability CVE-2012-4094 is caused by a buffer overflow in the Smart Call Home feature. An unauthenticated, remote attacker could trigger a DoS by intercepting and spoofing specific control messages that cause Smart Call Home to generate reports. Cisco’s advisory ...
CVE-2012-4094
Buffer overflow in the Smart Call Home feature in the fabric interconnect in Cisco Unified Computing System UCS allows remote attackers to cause a denial of service by reading and forging control messages associated with Smart Call Home reports, aka Bug ID CSCtl00198...
Command injection
MCTools in the Cisco Management Controller in Cisco Unified Computing System UCS allows local users to gain privileges by entering crafted command-line parameters on a Fabric Interconnect device, aka Bug ID CSCtg20749...
CVE-2012-4082
MCTools in the Cisco Management Controller in Cisco Unified Computing System UCS allows local users to gain privileges by entering crafted command-line parameters on a Fabric Interconnect device, aka Bug ID CSCtg20749...
Cisco Unified Computing System Cisco Management Controller Command Injection Vulnerability
A vulnerability in the Cisco Management Controller of the Cisco Unified Computing System could allow an authenticated, local attacker to execute commands on the underlying operation system with elevated privileges. The vulnerability is due to improper parameter input validation. An attacker could...
Memory corruption
Memory leak in the CLI component on Cisco Unified Computing System UCS 6100 Fabric Interconnect devices, in certain situations that lack a SPAN session, allows local users to cause a denial of service memory consumption and device reset via a 1 "show monitor session all" or 2 "show monitor sessio...
CVE-2013-3467
Memory leak in the CLI component on Cisco Unified Computing System UCS 6100 Fabric Interconnect devices, in certain situations that lack a SPAN session, allows local users to cause a denial of service memory consumption and device reset via a 1 "show monitor session all" or 2 "show monitor sessio...
CVE-2013-3467
CVE-2013-3467 affects Cisco UCS 6100 Series Fabric Interconnects. A memory leak in the CLI component can be triggered when running certain SPAN-agnostic commands, specifically either “show monitor session all” or “show monitor session,” by an authenticated, local attacker. The issue occurs becaus...
Cisco UCS 6100 Fabric Interconnect Memory Leak Denial of Service Vulnerability
A vulnerability in the memory management when executing either the show monitor session all or show monitor session command-line interface CLI commands on the Cisco Unified Computing System UCS 6100 Series Fabric Interconnects could allow an authenticated, local attacker to trigger a memory leak...