Filtered by vendor Cisco
Subscriptions
Filtered by product Unified Computing System
Subscriptions
Total
108 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2012-4094 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
Buffer overflow in the Smart Call Home feature in the fabric interconnect in Cisco Unified Computing System (UCS) allows remote attackers to cause a denial of service by reading and forging control messages associated with Smart Call Home reports, aka Bug ID CSCtl00198. | ||||
CVE-2012-4087 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
A cluster setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20793. | ||||
CVE-2012-4136 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
The high-availability service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) does not properly bind the cluster service to the management interface, which allows remote attackers to obtain sensitive information or cause a denial of service (peer-syncing outage) via a TELNET connection, aka Bug ID CSCtz72910. | ||||
CVE-2012-4084 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
Cross-site request forgery (CSRF) vulnerability in the web-management interface in the fabric interconnect (FI) component in Cisco Unified Computing System (UCS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCtg20755. | ||||
CVE-2012-4103 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
ethanalyzer in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq02686. | ||||
CVE-2012-4073 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
The KVM subsystem in the client in Cisco Unified Computing System (UCS) does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers, and read or modify KVM data, via a crafted certificate, aka Bug ID CSCte90332. | ||||
CVE-2012-4079 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
The XML API service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) allows remote attackers to cause a denial of service (API service outage) via a malformed XML document in a packet, aka Bug ID CSCtg48206. | ||||
CVE-2012-4088 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
The FTP server in Cisco Unified Computing System (UCS) has a hardcoded password for an unspecified user account, which makes it easier for remote attackers to read or modify files by leveraging knowledge of this password, aka Bug ID CSCtg20769. | ||||
CVE-2012-4082 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
MCTools in the Cisco Management Controller in Cisco Unified Computing System (UCS) allows local users to gain privileges by entering crafted command-line parameters on a Fabric Interconnect device, aka Bug ID CSCtg20749. | ||||
CVE-2012-4089 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
MCTOOLS in the fabric interconnect in Cisco Unified Computing System (UCS) allows local users to execute arbitrary Baseboard Management Controller (BMC) commands by leveraging (1) local, (2) shell-level, or (3) debug-level privileges at the operating-system layer, aka Bug ID CSCtg76239. | ||||
CVE-2012-1313 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
The remote debug shell on the PALO adapter card in Cisco Unified Computing System (UCS) allows local users to gain privileges via malformed show-macstats parameters, aka Bug ID CSCub13772. | ||||
CVE-2014-8009 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attackers to obtain sensitive information by reading log files, aka Bug ID CSCur99239. | ||||
CVE-2014-8003 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998. | ||||
CVE-2014-7996 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Integrated Management Controller in Cisco Unified Computing System allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuq45477. | ||||
CVE-2015-6415 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
Cisco Unified Computing System (UCS) 2.2(3f)A on Fabric Interconnect 6200 devices allows remote attackers to cause a denial of service (CPU consumption or device outage) via a SYN flood on the SSH port during the booting process, aka Bug ID CSCuu81757. | ||||
CVE-2015-6435 | 1 Cisco | 2 Firepower Extensible Operating System, Unified Computing System | 2024-08-06 | N/A |
An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System (UCS) Manager before 2.2(4b), 2.2(5) before 2.2(5a), and 3.0 before 3.0(2e) allows remote attackers to execute arbitrary shell commands via a crafted HTTP request, aka Bug ID CSCur90888. | ||||
CVE-2015-6355 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
The web interface in Cisco Unified Computing System (UCS) 2.2(5b)A on blade servers allows remote attackers to obtain potentially sensitive version information by visiting an unspecified URL, aka Bug ID CSCuw87226. | ||||
CVE-2015-4279 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
The Manager component in Cisco Unified Computing System (UCS) 2.2(3b) on B Blade Server devices allows local users to gain privileges for executing arbitrary CLI commands by leveraging access to the subordinate fabric interconnect, aka Bug ID CSCut32778. | ||||
CVE-2015-4259 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
The Integrated Management Controller on Cisco Unified Computing System (UCS) C servers with software 1.5(3) and 1.6(0.16) has a default SSL certificate, which makes it easier for man-in-the-middle attackers to bypass cryptographic protection mechanisms by leveraging knowledge of a private key, aka Bug IDs CSCum56133 and CSCum56177. | ||||
CVE-2015-4183 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
Cisco UCS Central Software 1.2(1a) allows local users to gain privileges for OS command execution via a crafted CLI parameter, aka Bug ID CSCut32795. |