Lucene search
K

318 matches found

Cisco
Cisco
added 2013/09/24 8:20 p.m.24 views

Cisco Unified Computing System Fabric Interconnect Devices Arbitrary Command Execution Vulnerability

A vulnerability in the initial setup script of Cisco Unified Computing System fabric interconnect FI devices could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. The vulnerability is due to unfiltered input in the cluster initial...

5.1CVSS3AI score0.01944EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/24 7:45 p.m.26 views

Cisco Unified Computing System Fabric Interconnect Denial of Service Vulnerability

A vulnerability in Smart Call Home functionality in the fabric interconnect FI of Cisco Unified Computing System could allow an unauthenticated, remote attacker to create a denial of service DoS condition. The vulnerability is due to a buffer overflow in the Smart Call Home function. An attacker...

5.4CVSS1.8AI score0.02049EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/24 7:40 p.m.28 views

Cisco Unified Computing System Baseboard Management Controller Privilege Escalation Vulnerability

A vulnerability in the Baseboard Management Controller BMC of Cisco Unified Computing System could allow an authenticated, remote attacker to access services with elevated privileges. The vulnerability is due to improper filtering of SSH escape sequences. An attacker could exploit this...

6.3CVSS3.8AI score0.03544EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/24 7:32 p.m.26 views

Cisco Unified Computing System Fabric Interconnect Devices Arbitrary Command Execution Vulnerability

A vulnerability in the initial setup script of Cisco Unified Computing System fabric interconnect devices could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. The vulnerability is due to unfiltered input in the initial configuration...

5.1CVSS3AI score0.02916EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/24 7:16 p.m.31 views

Cisco Unified Computing System Baseboard Management Controller Arbitrary Command Execution Vulnerability

A vulnerability in the fabric interconnect FI of Cisco Unified Computing System could allow an authenticated, local attacker to execute arbitrary commands on the Baseboard Management Controller BMC with elevated privileges. The vulnerability is due to improper input validation in the MCTOOLS...

6.6CVSS3.2AI score0.00319EPSS
Exploits0References1
NVD
NVD
added 2013/09/24 10:35 a.m.21 views

CVE-2012-4087

A cluster setup script for fabric interconnect devices in Cisco Unified Computing System UCS allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20793...

5.1CVSS7.7AI score0.01944EPSS
Exploits0References3
Cvelist
Cvelist
added 2013/09/24 10:0 a.m.28 views

CVE-2012-4089

MCTOOLS in the fabric interconnect in Cisco Unified Computing System UCS allows local users to execute arbitrary Baseboard Management Controller BMC commands by leveraging 1 local, 2 shell-level, or 3 debug-level privileges at the operating-system layer, aka Bug ID CSCtg76239...

7.2AI score0.00319EPSS
Exploits0References3
NVD
NVD
added 2013/09/20 4:55 p.m.24 views

CVE-2012-4073

The KVM subsystem in the client in Cisco Unified Computing System UCS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers, and read or modify KVM data, via a crafted certificate, aka Bug ID CSCte90332...

5.8CVSS6.2AI score0.00597EPSS
Exploits0References2
Cvelist
Cvelist
added 2013/09/20 4:0 p.m.36 views

CVE-2012-4093

The Manager component in Cisco Unified Computing System UCS allows local users to cause a denial of service via an invalid Smart Call Home contact address, aka Bug ID CSCtl00186...

6.1AI score0.00268EPSS
Exploits0References2
Cisco
Cisco
added 2013/09/19 5:11 p.m.39 views

Cisco Unified Computing System Fabric Interconnect String Overflow Vulnerability

A vulnerability in the administrative web interface of the Cisco Unified Computing System could allow an authenticated, remote attacker to create a denial of service DoS condition. The vulnerability is due to improper parameter input validation. An attacker could exploit this vulnerability by...

4CVSS2.1AI score0.01725EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/19 5:8 p.m.24 views

Cisco Unified Computing System Cisco Management Controller Command Injection Vulnerability

A vulnerability in the Cisco Management Controller of the Cisco Unified Computing System could allow an authenticated, local attacker to execute commands on the underlying operation system with elevated privileges. The vulnerability is due to improper parameter input validation. An attacker could...

6.8CVSS3.2AI score0.00345EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/18 4:20 p.m.26 views

Cisco Unified Computing System Software KVM Encryption Vulnerability

A vulnerability in Cisco Unified Computing System software KVM could allow an unauthenticated, remote attacker to intercept a KVM connection to spoof a host or decrypt keyboard and mouse events on an encrypted channel. The vulnerability is due to a hard coded SSL certificate. An attacker could...

4.3CVSS1.6AI score0.00609EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/18 4:16 p.m.31 views

Cisco Unified Computing System Software KVM Client Certificate Validation Vulnerability

A vulnerability in Cisco Unified Computing System software KVM client could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack. The vulnerability is due to improper certificate validation by the KVM client. An attacker could exploit this vulnerability by intercepting ...

4.3CVSS1.8AI score0.00597EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/18 2:0 p.m.30 views

Cisco Unified Computing System Serial over LAN Static Private Key Vulnerability

A vulnerability in the Cisco Unified Computing System Serial over LAN SoL implementation could allow an unauthenticated, remote attacker to perform a man-in-the-middle MITM attack. The vulnerability occurs because the Board Management Controller BMC uses a hard-coded private key. An attacker coul...

4.3CVSS1.6AI score0.01217EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/18 1:58 p.m.23 views

Cisco Unified Computing System Smart Call Home Input Validation Vulnerability

A vulnerability in Cisco Unified Computing System UCS Manager could allow an authenticated, local attacker to trigger a denial of service DoS condition. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by configuring an invalid contact address fo...

4.6CVSS1.9AI score0.00268EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/09/17 12:0 a.m.44 views

Default Password (cliuser) for 'cliuser' Account

The account 'cliuser' on the remote host has the password 'cliuser'. An attacker may leverage this issue to gain administrative access to the affected system. Note that Cisco Unified Computing System Platform Emulator is known to use these credentials to provide administrative access to the CLI...

7.5CVSS8.3AI score0.53618EPSS
Exploits41References1
Tenable Nessus
Tenable Nessus
added 2013/09/17 12:0 a.m.27 views

Multiple Vulnerabilities in Cisco Unified Computing System (cisco-sa-20130424-ucsmulti)

Managed and standalone Cisco Unified Computing System UCS deployments contain one or more of the following vulnerabilities : - Cisco Unified Computing System LDAP User Authentication Bypass Vulnerability CVE-2013-1182 - Cisco Unified Computing System IPMI Buffer Overflow Vulnerability CVE-2013-11...

10CVSS5.4AI score0.03596EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2013/09/17 12:0 a.m.32 views

Cisco Unified Computing System (UCS) Manager Version

Cisco Unified Computing System UCS Manager software is listening on remote Cisco device. It allows for the management of Cisco UCS hardware and software components. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid69919; scriptversion"1.8";...

5.4AI score
Exploits0References1
securityvulns
securityvulns
added 2013/05/06 12:0 a.m.45 views

Cisco Unified Computing System multiple security vulnerabilities

Buffer overflow, information leakage, authentication bypass, DoS...

10CVSS3AI score0.03596EPSS
Exploits0Affected Software1
Cisco
Cisco
added 2013/04/29 7:32 p.m.21 views

Cisco Unified Computing System Central Software DOM-Based Cross-Site Scripting Vulnerability

Cisco Unified Computing System Central Software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability exists because the affected software fails to perform sufficient validation and sanitation of user-supplied inpu...

4.3CVSS5.5AI score0.00942EPSS
Exploits0References1
Rows per page
Query Builder