292 matches found
CVE-2013-1186
CVE-2013-1186 concerns Cisco UCS: versions 1.x before 1.4(4) and 2.x before 2.0(2m) are affected by a KVM authentication bypass via a crafted IMC authentication request. The issue is part of a Cisco UCS multi-vulnerability set; other CVEs (1182–1185) accompany it. Affected component is the Cisco ...
CVE-2013-1184
CVE-2013-1184 affects Cisco UCS Manager (XML API management service) in UCS 1.x before 1.2(1b). The Management API can be triggered by a malformed request to cause a denial-of-service (service outage). Affected component: XML API management service in the Manager. Root cause: malformed request ha...
CVE-2013-1182
The CVE-2013-1182 issue affects Cisco UCS: the login page of the UCS Manager Web Console allows remote LDAP authentication bypass via a malformed request in versions prior to 1.0(2h), 1.1 prior to 1.1(1j), and 1.3(x). Root cause is an LDAP authentication bypass in the Web Console login flow. Impa...
Cisco Releases Security Advisories
Cisco has released three security advisories to address vulnerabilities affecting Cisco NX-OS-based products, Cisco Device Manager, and Cisco Unified Computing System. These vulnerabilities may allow an attacker to bypass authentication controls, execute arbitrary code, obtain sensitive...
Cisco Unified Computing System Fabric Interconnect SNMP Message Processing Denial of Service Vulnerability
Cisco Unified Computing System contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to errors in processing malicious Simple Network Management Protocol SNMP messages by the affected software. An...
CVE-2012-1339
The Fabric Interconnect component in Cisco Unified Computing System UCS 2.0 allows remote attackers to cause a denial of service process crash via an attempted SSH session, aka Bug ID CSCtt94543...
CVE-2012-1365
Cisco Unified Computing System UCS 1.4 and 2.0 allows remote authenticated users to cause a denial of service device reload via a malformed SNMP request to a Fabric Interconnect FI device, aka Bug ID CSCts32463...
Cross site request forgery (csrf)
Cisco Unified Computing System UCS 1.4 and 2.0 allows remote authenticated users to cause a denial of service device reload via a malformed SNMP request to a Fabric Interconnect FI device, aka Bug ID CSCts32463...
CVE-2011-2569
Cisco Nexus OS aka NX-OS 4.2 and 5.0 and Cisco Unified Computing System with software 1.4 and 2.0 do not properly restrict command-line options, which allows local users to gain privileges via unspecified vectors, aka Bug IDs CSCtf40008, CSCtg18363, CSCtr44645, CSCts10195, and CSCts10188...
Command injection
Cisco Nexus OS aka NX-OS 4.2 and 5.0 and Cisco Unified Computing System with software 1.4 and 2.0 do not properly restrict command-line options, which allows local users to gain privileges via unspecified vectors, aka Bug IDs CSCtf40008, CSCtg18363, CSCtr44645, CSCts10195, and CSCts10188...
CVE-2011-2569
Cisco Nexus OS aka NX-OS 4.2 and 5.0 and Cisco Unified Computing System with software 1.4 and 2.0 do not properly restrict command-line options, which allows local users to gain privileges via unspecified vectors, aka Bug IDs CSCtf40008, CSCtg18363, CSCtr44645, CSCts10195, and CSCts10188...
CVE-2011-2569
Cisco NX-OS (Nexus OS) 4.2 and 5.0 and Cisco UCS software 1.4 and 2.0 are affected by CVE-2011-2569 due to improper sanitization of user input in CLI options, enabling authenticated, local users to escalate privileges via unspecified vectors. Root cause: insufficient restriction of command-line o...