164 matches found
Cisco UCS Manager Remote Code Execution Vulnerability (regreSSHion) (cisco cisco-sa-openssh-rce-2024)
According to its self-reported version, Cisco UCS Manager is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco UCS Manager due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime seconds, after which the...
Cisco UCS Manager Software Command Injection (cisco-sa-ucsciv-wGYtC78q)
According to its self-reported version, Cisco UCS Manager Software is affected by a vulnerability. - A vulnerability in the web-based management interface of Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform command injection attacks...
CVE-2026-20036
A vulnerability in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with valid administrative privileges to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to...
CVE-2026-20099
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This vulnerability is...
CVE-2026-20037
A vulnerability in the NX-OS CLI privilege levels of Cisco UCS Manager Software could allow an authenticated, local attacker with read-only privileges to modify files and perform unauthorized actions on an affected system. This vulnerability exists because unnecessary privileges are given to the...
EUVD-2026-8667
A vulnerability in the NX-OS CLI privilege levels of Cisco UCS Manager Software could allow an authenticated, local attacker with read-only privileges to modify files and perform unauthorized actions on an affected system. This vulnerability exists because unnecessary privileges are given to the...
EUVD-2026-8666
A vulnerability in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with valid administrative privileges to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to...
EUVD-2026-8670
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of...
CVE-2026-20099
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This vulnerability is...
CVE-2026-20037
A vulnerability in the NX-OS CLI privilege levels of Cisco UCS Manager Software could allow an authenticated, local attacker with read-only privileges to modify files and perform unauthorized actions on an affected system. This vulnerability exists because unnecessary privileges are given to the...
CVE-2026-20036
A vulnerability in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with valid administrative privileges to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to...
CVE-2026-20099 Cisco UCS Manager and FXOS Software Command Injection Vulnerability
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This vulnerability is...
CVE-2026-20099
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This vulnerability is...
CVE-2026-20099
The CVE affects the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software. A vulnerability arises from insufficient input validation of user-supplied command arguments in the management interface, permitting an authenticated local attacker with administrative privil...
CVE-2026-20099 Cisco UCS Manager and FXOS Software Command Injection Vulnerability
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This vulnerability is...
CVE-2026-20091
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of...
CVE-2026-20091 Cisco UCS Manager and FXOS Software Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of...
CVE-2026-20091 Cisco UCS Manager and FXOS Software Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of...
CVE-2026-20091
CVE-2026-20091 affects Cisco FXOS Software and Cisco UCS Manager Software via the web-based management interface. The issue is a stored cross-site scripting flaw caused by insufficient input validation in the interface, allowing an authenticated attacker with Administrator/AAA Administrator crede...
CVE-2026-20037
CVE-2026-20037 affects Cisco UCS Manager Software with NX-OS CLI privilege levels. An authenticated, read-only user can connect to the NX-OS CLI and leverage unnecessary privileges to create or overwrite files or perform limited privileged actions on the device. The issue stems from excessive pri...