Lucene search
+L
CiscoUcs Central Software

5 matches found

CVE
CVE
added 2021/12/10 12:0 a.m.6935 views

CVE-2021-44228

CVE-2021-44228 (Log4Shell) affects Apache Log4j2 2.0-beta9 through 2.15.0 (excluding some security releases) and is specific to log4j-core. The vulnerability arises from JNDI features used in configuration, log messages, and parameters, which can be exploited when an attacker can control log mess...

10CVSS10AI score0.99999EPSS
In wild
CVE
CVE
added 2023/02/23 12:0 a.m.91 views

CVE-2023-20012

CVE-2023-20012 affects the Cisco Nexus 9300-FX3 Series Fabric Extender (FEX) used in UCS Fabric Interconnect deployments. The issue is an improper implementation of the password validation function in the CLI console login, allowing an unauthenticated, physically-adjacent attacker to bypass authe...

5.3CVSS5.4AI score0.00295EPSS
CVE
CVE
added 2023/02/23 12:0 a.m.88 views

CVE-2023-20015

CVE-2023-20015 affects Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and Cisco UCS 6200–6500 Fabric Interconnects. The root cause is insufficient input validation of user-supplied commands in the CLI, enabling an authenticated, local attacker to inject unauthorized commands. An...

6.7CVSS6.4AI score0.00223EPSS
CVE
CVE
added 2023/02/23 12:0 a.m.71 views

CVE-2023-20016

CVE-2023-20016 affects Cisco UCS Manager Software and Cisco FXOS Software backups/export files. The root issue is a weakness in the backup encryption method using a static key, which could let an unauthenticated attacker with access to a backup decrypt sensitive data stored in full state and conf...

6.5CVSS6.3AI score0.0011EPSS
CVE
CVE
added 2024/10/16 4:15 p.m.52 views

CVE-2024-20280

CVE-2024-20280 affects Cisco UCS Central Software backup feature. The root cause is a weakness in the encryption method using a static key for backup configuration, allowing an attacker with access to a backup file to learn sensitive information stored in full state and configuration backups. Aff...

6.3CVSS6.2AI score0.00112EPSS