28 matches found
EUVD-2016-7783
Malware in sbrugna...
EUVD-2019-10293
Malware in sbrugna...
Input validation
A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation checks and load a compromised software image on an affected device. The vulnerability is due to improp...
CVE-2019-1736
Cisco UCS C-Series Rack Servers are affected by a UEFI Secure Boot bypass vulnerability (CVE-2019-1736) arising from improper validation of server firmware upgrade images. An authenticated, physical attacker could install a firmware version that disables UEFI Secure Boot, bypasses signature valid...
CVE-2019-1736 Multiple Cisco UCS-Based Products UEFI Secure Boot Bypass Vulnerability
A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation checks and load a compromised software image on an affected device. The vulnerability is due to improp...
Cisco UCS C-Series Data Forgery Vulnerability
The Cisco UCS C-Series is a C-Series rackmount server from Cisco USA. A data forgery vulnerability exists in the firmware in Cisco UCS C-Series Rack Servers, which stems from a program's inability to properly validate server firmware update images. An attacker could exploit this vulnerability to...
Input validation
A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack Servers could allow an authenticated, local attacker to install compromised BIOS firmware on an affected device. The vulnerability is due to insufficient validation of the firmware image file. An...
CVE-2019-1880
A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack Servers could allow an authenticated, local attacker to install compromised BIOS firmware on an affected device. The vulnerability is due to insufficient validation of the firmware image file. An...
CVE-2019-1880
CVE-2019-1880 concerns the BIOS upgrade utility in Cisco UCS C-Series Rack Servers. The issue stems from insufficient validation of the BIOS firmware image file, enabling an authenticated, local attacker to run the upgrade with specific options and bypass the firmware signature-verification proce...
CVE-2019-1880 Cisco Unified Computing System BIOS Signature Bypass Vulnerability
A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack Servers could allow an authenticated, local attacker to install compromised BIOS firmware on an affected device. The vulnerability is due to insufficient validation of the firmware image file. An...
CVE-2019-1880 Cisco Unified Computing System BIOS Signature Bypass Vulnerability
A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack Servers could allow an authenticated, local attacker to install compromised BIOS firmware on an affected device. The vulnerability is due to insufficient validation of the firmware image file. An...
CVE-2015-7842
CVE-2015-7842 affects Huawei FusionServer family (RH2288/RH2288H/RH2288A/RH1288/RH8100/XH628/CH222/CH220/CH121 etc.) where software before specific V100R00xC00SPCyyy versions fails to verify user permissions, allowing remote authenticated operators to change server information. The issue is trigg...
CVE-2015-7842
Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 wi...
Input validation
The management interface on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before...
CVE-2015-7843
The CVE-2015-7843 issue affects Huawei FusionServer management interfaces where the login module does not limit the number of query attempts. This allows remote authenticated attackers to brute-force higher-privilege credentials, enabling access to higher-level user accounts. Affected products in...
CVE-2015-7843
The management interface on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before...
CVE-2015-7841
Huawei FusionServer products (RH2288 V3/HW3 with FW before V100R003C00SPC603, RH2288H V3 before V100R003C00SPC503, XH628 V3 before V100R003C00SPC602, RH1288 V3 before V100R003C00SPC602, RH2288A V2 before V100R002C00SPC701, RH1288A V2 before V100R002C00SPC502, RH8100 V3 before V100R003C00SPC110, C...
CVE-2017-6633
A vulnerability in the TCP throttling process of Cisco UCS C-Series Rack Servers 3.0(0.234) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient rate-limiting protection. An attacker could exploit...
CVE-2017-6633
The CVE-2017-6633 issue affects Cisco UCS C-Series Rack Servers, specifically version 3.0(0.234). The root cause is insufficient rate-limiting in the TCP throttling process, enabling an unauthenticated, remote attacker to cause a DoS by sending a high rate of TCP SYN packets to a specific listeni...
CVE-2017-6633
A vulnerability in the TCP throttling process of Cisco UCS C-Series Rack Servers 3.0(0.234) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient rate-limiting protection. An attacker could exploit...