Lucene search
+L
CiscoUcs Manager

8 matches found

CVE
CVE
added 2020/06/02 8:35 a.m.172 views

CVE-2020-10136

CVE-2020-10136 concerns the IP Encapsulation within IP (IPIP) decapsulation path that decapsulates and routes IP-in-IP traffic without validation of the source network packets, enabling spoofing and potential access-control bypass and other unexpected behavior. The NVD entry assigns a MEDIUM seve...

5.3CVSS5.2AI score0.28537EPSS
CVE
CVE
added 2020/02/05 5:45 p.m.143 views

CVE-2020-3119

Summary (CVE-2020-3119) : The vulnerability affects Cisco NX-OS Software’s Cisco Discovery Protocol (CDP) parser. It allows an unauthenticated, adjacent attacker to send a crafted CDP packet, leading to a stack overflow and potentially executing arbitrary code with administrative privileges or tr...

8.8CVSS8.9AI score0.05098EPSS
CVE
CVE
added 2020/02/05 5:50 p.m.137 views

CVE-2020-3120

CVE-2020-3120 affects Cisco FXOS, IOS XR, and NX-OS CDP handling. A missing check when processing Cisco Discovery Protocol messages could let an unauthenticated, adjacent attacker cause a device reload and DoS by sending crafted CDP packets (Layer 2). Impact per sources is DoS via memory exhausti...

7.4CVSS6.5AI score0.02026EPSS
CVE
CVE
added 2020/02/26 4:50 p.m.105 views

CVE-2020-3172

CVE-2020-3172 affects Cisco FXOS Software and Cisco NX-OS Software via the Cisco Discovery Protocol. Insufficient validation of CDP packet headers allows an unauthenticated, Layer-2 adjacent attacker to send a crafted CDP packet, causing a buffer overflow that could let the attacker execute arbit...

8.8CVSS9.4AI score0.02044EPSS
CVE
CVE
added 2020/02/26 4:51 p.m.84 views

CVE-2020-3167

CVE-2020-3167 covers a CLI command injection vulnerability in Cisco FXOS Software and Cisco UCS Manager Software. The issue stems from insufficient input validation in CLI commands, allowing an authenticated, local attacker to inject crafted arguments and execute arbitrary OS commands with the pr...

7.8CVSS7.8AI score0.00484EPSS
CVE
CVE
added 2020/02/26 4:50 p.m.76 views

CVE-2020-3173

Cisco UCS Manager Software Local Management CLI Command Injection (CVE-2020-3173) affects the local-mgmt CLI. The root cause is insufficient input validation of command arguments, allowing an authenticated, local attacker to execute arbitrary OS commands. On most platforms, such commands run with...

7.8CVSS7.9AI score0.00439EPSS
CVE
CVE
added 2020/02/26 4:50 p.m.71 views

CVE-2020-3171

The CVE-2020-3171 entry covers Cisco FXOS and Cisco UCS Manager Software Local Management CLI Command Injection caused by insufficient input validation in the local-mgmt CLI. An authenticated, local attacker can run arbitrary commands on the device’s underlying OS; on most platforms this occurs w...

7.8CVSS7.8AI score0.00484EPSS
CVE
CVE
added 2021/05/06 12:42 p.m.67 views

CVE-2021-1397

Cisco IMC Open Redirect vulnerability (CVE-2021-1397) affects the web-based management interface of Cisco Integrated Management Controller software. Type: improper input validation in HTTP request parameters, exploitable via a crafted link to redirect users to a malicious site. Impact is open red...

6.1CVSS5.1AI score0.00831EPSS