Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
CiscoUnified Computing System

16 matches found

CVE
CVEadded 2013/10/22 11:17 a.m.54 views

CVE-2013-5550

The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service via crafted command parameters that trigger hardware-component write operations, aka Bug ID CSCtq86549.

4.6CVSS6.5AI score0.00082EPSS
CVE
CVEadded 2013/10/13 10:20 a.m.47 views

CVE-2012-4107

The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary commands via crafted parameters to a file-related command, aka Bug ID CSCtq86489.

4.6CVSS7.5AI score0.00067EPSS
CVE
CVEadded 2013/10/19 10:36 a.m.47 views

CVE-2012-4116

The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM media traffic, which allows remote attackers to obtain sensitive information, and consequently complete the authentication process for a server connection, by sniffing the network, aka Bug ID CSCtr72970.

4.3CVSS6.9AI score0.00265EPSS
CVE
CVEadded 2017/04/07 5:59 p.m.47 views

CVE-2017-6602

A vulnerability in the CLI of Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More Information: CSCvb66189 CSCvb...

4.4CVSS5.5AI score0.00262EPSS
CVE
CVEadded 2017/11/30 9:29 a.m.46 views

CVE-2017-12332

A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vulnerability by installing ...

4.9CVSS4.6AI score0.00084EPSS
CVE
CVEadded 2015/07/10 3:59 p.m.45 views

CVE-2015-4259

The Integrated Management Controller on Cisco Unified Computing System (UCS) C servers with software 1.5(3) and 1.6(0.16) has a default SSL certificate, which makes it easier for man-in-the-middle attackers to bypass cryptographic protection mechanisms by leveraging knowledge of a private key, aka ...

4.3CVSS6.7AI score0.00136EPSS
CVE
CVEadded 2017/11/30 9:29 a.m.45 views

CVE-2017-12336

A vulnerability in the TCL scripting subsystem of Cisco NX-OS System Software could allow an authenticated, local attacker to escape the interactive TCL shell and gain unauthorized access to the underlying operating system of the device. The vulnerability exists due to insufficient input validation...

4.6CVSS5.1AI score0.00045EPSS
CVE
CVEadded 2013/09/20 6:55 p.m.44 views

CVE-2012-4081

MCServer in the Cisco Management Controller in Cisco Unified Computing System (UCS) allows local users to cause a denial of service (application crash) via invalid MCTools parameters, aka Bug ID CSCtg20734.

4.6CVSS6.4AI score0.00121EPSS
CVE
CVEadded 2013/09/20 4:55 p.m.44 views

CVE-2012-4083

Multiple buffer overflows in the administrative web interface in Cisco Unified Computing System (UCS) allow remote authenticated users to cause a denial of service (memory corruption and session termination) via long string values for unspecified parameters, aka Bug ID CSCtg20751.

4CVSS6.9AI score0.00685EPSS
CVE
CVEadded 2013/09/20 4:55 p.m.43 views

CVE-2012-4072

The KVM subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers, and read keyboard and mouse events, by leveraging knowledge of this certificate's private key, aka Bug ID CSCte90327.

4.3CVSS6.5AI score0.00181EPSS
CVE
CVEadded 2015/02/03 10:59 p.m.43 views

CVE-2015-0599

The web interface in Cisco Integrated Management Controller in Cisco Unified Computing System (UCS) on C-Series Rack Servers does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web ...

4.3CVSS6.5AI score0.00422EPSS
CVE
CVEadded 2013/09/26 2:16 p.m.38 views

CVE-2012-4088

The FTP server in Cisco Unified Computing System (UCS) has a hardcoded password for an unspecified user account, which makes it easier for remote attackers to read or modify files by leveraging knowledge of this password, aka Bug ID CSCtg20769.

4.3CVSS6.9AI score0.00337EPSS
CVE
CVEadded 2013/09/20 4:55 p.m.38 views

CVE-2012-4093

The Manager component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service via an invalid Smart Call Home contact address, aka Bug ID CSCtl00186.

4.6CVSS6.4AI score0.00121EPSS
CVE
CVEadded 2021/08/25 8:15 p.m.38 views

CVE-2021-1592

A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could expl...

4.3CVSS4.7AI score0.00415EPSS
CVE
CVEadded 2013/10/19 10:36 a.m.37 views

CVE-2012-4113

The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and read arbitrary files via crafted command parameters within the command-line interface, aka Bug ID CSCtr43374.

4.6CVSS6.9AI score0.00061EPSS
CVE
CVEadded 2013/10/13 10:19 a.m.36 views

CVE-2012-4105

The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service (component crash) via crafted "debug hardware" parameters, aka Bug ID CSCtq86468.

4.6CVSS6.4AI score0.0013EPSS