Lucene search
K

318 matches found

CNVD
CNVD
added 2019/08/22 12:0 a.m.4 views

Cisco UCS C-Series Servers and UCS S-Series Servers Information Disclosure Vulnerability

Cisco Integrated Management Controller IMC is a set of software from the American company Cisco Cisco for the management of UCS Unified Computing System. The software supports HTTP, SSH access, etc., and can perform operations such as powering on, powering off and rebooting the server. An...

7.5CVSS6.3AI score0.01997EPSS
Exploits0References1
OSV
OSV
added 2019/08/21 7:15 p.m.3 views

CVE-2019-1936

A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux shell as the root use...

7.2CVSS7.3AI score0.39475EPSS
Exploits7References5
OSV
OSV
added 2019/08/21 7:15 p.m.5 views

CVE-2019-12634

A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to a...

7.5CVSS7.2AI score0.02046EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2019/08/21 6:5 p.m.3 views

CVE-2019-12634 Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Denial of Service Vulnerability

A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to a...

8.6CVSS5.8AI score0.02046EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2019/08/21 5:38 p.m.180 views

Cisco Patches Six Critical Bugs in UCS Gear and Switches

Cisco Systems is warning of six critical vulnerabilities impacting a wide range of its products, including its Unified Computing System server line and its small business 220 Series Smart switches. In all instances of the vulnerabilities, a remote unauthenticated attacker could take over targeted...

10CVSS0.83386EPSS
Exploits23References14
Cisco
Cisco
added 2019/06/05 4:0 p.m.96 views

Cisco Unified Computing System BIOS Signature Bypass Vulnerability

A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System UCS C-Series Rack Servers could allow an authenticated, local attacker to install compromised BIOS firmware on an affected device. The vulnerability is due to insufficient validation of the firmware image file. An...

4.4CVSS4.9AI score0.00208EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/05/31 12:0 a.m.7 views

The vulnerability of the command-line interface of Cisco UCS Blade Series B software allows a hacker to write arbitrary files.

The vulnerability of the command-line interface of Cisco UCS Blade series B micro-programming system software is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to write arbitrary files by modifying the command-line interface parameters...

5.5CVSS6AI score0.00368EPSS
Exploits0References2
OSV
OSV
added 2019/04/18 1:29 a.m.4 views

CVE-2019-1725

A vulnerability in the local management CLI implementation for specific commands on the Cisco UCS B-Series Blade Servers could allow an authenticated, local attacker to overwrite an arbitrary file on disk. It is also possible the attacker could inject CLI command parameters that should not be...

5.5CVSS6.2AI score0.00368EPSS
Exploits0References2
OSV
OSV
added 2019/03/11 9:29 p.m.5 views

CVE-2019-1616

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service DoS condition. The vulnerability is due to insufficient validation of Cisco Fabric Services packets. An...

7.5CVSS6.1AI score0.02416EPSS
Exploits0References2
OSV
OSV
added 2018/10/05 2:29 p.m.4 views

CVE-2018-15427

A vulnerability in Cisco Video Surveillance Manager VSM Software running on certain Cisco Connected Safety and Security Unified Computing System UCS platforms could allow an unauthenticated, remote attacker to log in to an affected system by using the root account, which has default, static user...

9.8CVSS6.1AI score0.06827EPSS
Exploits0References3
OSV
OSV
added 2018/06/21 11:29 a.m.4 views

CVE-2018-0362

A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing UCS E-Series Servers could allow an unauthenticated, local attacker to bypass the BIOS authentication and execute actions as an unprivileged user. The vulnerability...

4.3CVSS5.9AI score0.0038EPSS
Exploits0References2
CVE
CVE
added 2018/06/21 11:0 a.m.58 views

CVE-2018-0362

The CVE-2018-0362 entry describes a vulnerability in BIOS authentication management for Cisco 5000 Series Enterprise Network Compute System (ENCS) and Cisco UCS E-Series Servers. A local, unauthenticated attacker could bypass BIOS authentication by submitting an empty password to the BIOS prompt,...

4.6CVSS5AI score0.0038EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/06/07 9:29 p.m.19 views

Input validation

A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System UCS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected software lacks proper input and validation...

4.6CVSS7.8AI score0.00377EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2018/06/07 9:29 p.m.22 views

CVE-2018-0338

A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System UCS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected software lacks proper input and validation...

7.8CVSS7.9AI score0.00377EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2018/06/07 9:0 p.m.10 views

CVE-2018-0338

A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System UCS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected software lacks proper input and validation...

7.5AI score0.00377EPSS
Exploits0References3
CNVD
CNVD
added 2018/06/07 12:0 a.m.4 views

Cisco Unified Computing System (UCS) Software Input Validation Vulnerability

Cisco Unified Computing System UCS Software is a set of unified computing system of the United States Cisco Cisco. The system through the extensive use of virtualization technology will be integrated into a platform of network, computing and virtualization resources. An input validation...

7.8CVSS7.2AI score0.00377EPSS
Exploits0References1
Cisco
Cisco
added 2018/06/06 4:0 p.m.64 views

Cisco Unified Computing System Role-Based Access Vulnerability

A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System UCS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected software lacks proper input and validation...

6.7CVSS2.5AI score0.00377EPSS
Exploits0References1
CNVD
CNVD
added 2018/04/19 12:0 a.m.5 views

Cisco UCS Director Virtual Machine Information Disclosure Vulnerability

Cisco Unified Computing System UCS is a set of unified computing system of the United States Cisco Cisco Company. The system integrates network, computing, and virtualized resources into a single platform through the extensive use of virtualization technology.Cisco Unified Computing System Direct...

9.9CVSS6.7AI score0.05182EPSS
Exploits0References1
OSV
OSV
added 2018/03/08 7:29 a.m.4 views

CVE-2018-0219

A vulnerability in the web-based management interface of Cisco Unified Computing System UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

6.1CVSS6AI score0.01783EPSS
Exploits0References3
Prion
Prion
added 2018/03/08 7:29 a.m.15 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Unified Computing System UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

4.3CVSS6AI score0.01783EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder