292 matches found
CVE-2018-15427
A vulnerability in Cisco Video Surveillance Manager VSM Software running on certain Cisco Connected Safety and Security Unified Computing System UCS platforms could allow an unauthenticated, remote attacker to log in to an affected system by using the root account, which has default, static user...
Input validation
A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System UCS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected software lacks proper input and validation...
CVE-2018-0338
A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System UCS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected software lacks proper input and validation...
CVE-2018-0338
A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System UCS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected software lacks proper input and validation...
Cisco Unified Computing System (UCS) Software Input Validation Vulnerability
Cisco Unified Computing System UCS Software is a set of unified computing system of the United States Cisco Cisco. The system through the extensive use of virtualization technology will be integrated into a platform of network, computing and virtualization resources. An input validation...
Cisco Unified Computing System Role-Based Access Vulnerability
A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System UCS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected software lacks proper input and validation...
CVE-2018-0219
A vulnerability in the web-based management interface of Cisco Unified Computing System UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Unified Computing System UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...
The vulnerability of the NX-OS operating system of the Cisco Unified Computing System Central device management system is related to incorrect verification of the cryptographic signature of data. This allows a perpetrator to bypass the signature verification during the loading of updates.
The vulnerability of the NX-OS operating system of the Cisco Unified Computing System Central device management system is related to incorrect verification of the cryptographic signature of data. Exploiting this vulnerability could allow an attacker to bypass the signature verification and downlo...
Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability
Description Multiple CPU Hardware are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Apple Mac Os X 10.11.6 Apple iOS 11.2 Apple macOS 10.12.6 Apple macOS 10.13.2 Apple tvOS...
Cisco UCS Central Software Session Fixation Vulnerability
Cisco UCS Central Software is the United States Cisco Cisco company's set of global Cisco UCS Unified Computing System resources for server management and monitoring solutions. A session fixation vulnerability exists in the web-based management interface in Cisco UCS Central Software. A remote...
Input validation
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to read the contents of arbitrary files. The vulnerability is due to insufficient input validation for a specific CLI command. An attacker could exploit this vulnerability by issuing a crafted...
CVE-2017-12335
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...
Design/Logic Flaw
A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vulnerability by installin...
CVE-2017-12341
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation during the...
Command injection
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation during the...
Command injection
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command...
Design/Logic Flaw
A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software image. The vulnerability is due to insufficient NX-OS signature verification for software images. An authenticated, local attacker could exploit thi...
CVE-2017-12332
A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vulnerability by installin...
CVE-2017-12333
A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software image. The vulnerability is due to insufficient NX-OS signature verification for software images. An authenticated, local attacker could exploit thi...