{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-04-25T10:00:00Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20130424 Multiple Vulnerabilities in Cisco Unified Computing System", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2013-1182", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20130424 Multiple Vulnerabilities in Cisco Unified Computing System", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T14:49:20.782Z"}, "title": "CVE Program Container", "references": [{"name": "20130424 Multiple Vulnerabilities in Cisco Unified Computing System", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2013-1182", "datePublished": "2013-04-25T10:00:00Z", "dateReserved": "2013-01-11T00:00:00Z", "dateUpdated": "2024-09-16T22:25:30.664Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D750A18-D9BA-4AA4-8DA5-CB38F0430996", "versionEndIncluding": "1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "75680C91-A1EF-4BE1-8D26-C4763E44A091", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1c\\):*:*:*:*:*:*:*", "matchCriteriaId": "2E8C881B-CAAC-40AB-A9BF-93495BAFE56F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1m\\):*:*:*:*:*:*:*", "matchCriteriaId": "20C079CC-34E2-4C8D-ABC9-6D76F4A22D73", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1n\\):*:*:*:*:*:*:*", "matchCriteriaId": "F2FDBA01-AE8E-4B06-9A4E-71CB16D3C592", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1o\\):*:*:*:*:*:*:*", "matchCriteriaId": "765CC42E-FAC8-43D6-9B40-B8CF7272C4FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1p\\):*:*:*:*:*:*:*", "matchCriteriaId": "9C0806ED-7F9C-4166-B47A-0381C215FF2D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1q\\):*:*:*:*:*:*:*", "matchCriteriaId": "76367743-6762-4C70-AFD7-4848E2FE3F61", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1t\\):*:*:*:*:*:*:*", "matchCriteriaId": "4857DF36-804A-4B2B-B2AA-37E8A0036F65", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1w\\):*:*:*:*:*:*:*", "matchCriteriaId": "3B18FB5A-F569-413C-BA09-58C28EF9316C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1y\\):*:*:*:*:*:*:*", "matchCriteriaId": "41EC377E-7DAD-4E6C-AC3F-215B6EAB05D6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:unified_computing_system_6120xp_fabric_interconnect:-:*:*:*:*:*:*:*", "matchCriteriaId": "908F8E5E-9BC4-4682-8C25-C07DB032A18B", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:unified_computing_system_6140xp_fabric_interconnect:-:*:*:*:*:*:*:*", "matchCriteriaId": "92F5E053-2C45-43F0-8A86-FB3C4C0B04E0", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:unified_computing_system_6248up_fabric_interconnect:-:*:*:*:*:*:*:*", "matchCriteriaId": "F6584DF3-E466-49BE-B4D8-3E249B7816F7", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:unified_computing_system_6296up_fabric_interconnect:-:*:*:*:*:*:*:*", "matchCriteriaId": "18DD763C-BBA6-48EC-9CFF-A5F0DEF85756", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:unified_computing_system_integrated_management_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "96F29BD7-06E5-4149-90CB-F9733D04AFF7", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207."}, {"lang": "es", "value": "La p\u00e1gina de inicio de sesi\u00f3n en la consola Web en el componente Administrador de Cisco Unified Computing System (UCS), antes de v1.0(2h) v1.1 antes de v1.1(1j), y v1.3(x), permite a atacantes remotos evitar la autenticaci\u00f3n LDAP a trav\u00e9s de una solicitud mal formada, tambi\u00e9n conocido como Bug ID CSCtc91207."}], "id": "CVE-2013-1182", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-04-25T10:55:01.683", "references": [{"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}