318 matches found
Cisco UCS C-Series Servers and UCS S-Series Servers Information Disclosure Vulnerability
Cisco Integrated Management Controller IMC is a set of software from the American company Cisco Cisco for the management of UCS Unified Computing System. The software supports HTTP, SSH access, etc., and can perform operations such as powering on, powering off and rebooting the server. An...
CVE-2019-1936
A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux shell as the root use...
CVE-2019-12634
A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to a...
CVE-2019-12634 Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Denial of Service Vulnerability
A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to a...
Cisco Patches Six Critical Bugs in UCS Gear and Switches
Cisco Systems is warning of six critical vulnerabilities impacting a wide range of its products, including its Unified Computing System server line and its small business 220 Series Smart switches. In all instances of the vulnerabilities, a remote unauthenticated attacker could take over targeted...
Cisco Unified Computing System BIOS Signature Bypass Vulnerability
A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System UCS C-Series Rack Servers could allow an authenticated, local attacker to install compromised BIOS firmware on an affected device. The vulnerability is due to insufficient validation of the firmware image file. An...
The vulnerability of the command-line interface of Cisco UCS Blade Series B software allows a hacker to write arbitrary files.
The vulnerability of the command-line interface of Cisco UCS Blade series B micro-programming system software is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to write arbitrary files by modifying the command-line interface parameters...
CVE-2019-1725
A vulnerability in the local management CLI implementation for specific commands on the Cisco UCS B-Series Blade Servers could allow an authenticated, local attacker to overwrite an arbitrary file on disk. It is also possible the attacker could inject CLI command parameters that should not be...
CVE-2019-1616
A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service DoS condition. The vulnerability is due to insufficient validation of Cisco Fabric Services packets. An...
CVE-2018-15427
A vulnerability in Cisco Video Surveillance Manager VSM Software running on certain Cisco Connected Safety and Security Unified Computing System UCS platforms could allow an unauthenticated, remote attacker to log in to an affected system by using the root account, which has default, static user...
CVE-2018-0362
A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing UCS E-Series Servers could allow an unauthenticated, local attacker to bypass the BIOS authentication and execute actions as an unprivileged user. The vulnerability...
CVE-2018-0362
The CVE-2018-0362 entry describes a vulnerability in BIOS authentication management for Cisco 5000 Series Enterprise Network Compute System (ENCS) and Cisco UCS E-Series Servers. A local, unauthenticated attacker could bypass BIOS authentication by submitting an empty password to the BIOS prompt,...
Input validation
A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System UCS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected software lacks proper input and validation...
CVE-2018-0338
A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System UCS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected software lacks proper input and validation...
CVE-2018-0338
A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System UCS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected software lacks proper input and validation...
Cisco Unified Computing System (UCS) Software Input Validation Vulnerability
Cisco Unified Computing System UCS Software is a set of unified computing system of the United States Cisco Cisco. The system through the extensive use of virtualization technology will be integrated into a platform of network, computing and virtualization resources. An input validation...
Cisco Unified Computing System Role-Based Access Vulnerability
A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System UCS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected software lacks proper input and validation...
Cisco UCS Director Virtual Machine Information Disclosure Vulnerability
Cisco Unified Computing System UCS is a set of unified computing system of the United States Cisco Cisco Company. The system integrates network, computing, and virtualized resources into a single platform through the extensive use of virtualization technology.Cisco Unified Computing System Direct...
CVE-2018-0219
A vulnerability in the web-based management interface of Cisco Unified Computing System UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Unified Computing System UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...