Cisco

Unified Computing System

40 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2015-0599

  • EPSS 0.42%
  • Published 03.02.2015 22:59:02
  • Last modified 12.04.2025 10:46:40

The web interface in Cisco Integrated Management Controller in Cisco Unified Computing System (UCS) on C-Series Rack Servers does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks...

6.8

CVE-2014-7996

  • EPSS 0.17%
  • Published 18.11.2014 23:59:04
  • Last modified 12.04.2025 10:46:40

Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Integrated Management Controller in Cisco Unified Computing System allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuq45477.

4.6

CVE-2013-5550

  • EPSS 0.08%
  • Published 22.10.2013 11:17:15
  • Last modified 11.04.2025 00:51:21

The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service via crafted command parameters that trigger hardware-component write operations, aka Bug ID CSCtq86549.

5.8

CVE-2012-4115

  • EPSS 0.26%
  • Published 21.10.2013 10:50:23
  • Last modified 11.04.2025 00:51:21

The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM virtual-media data, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or modify this traffic by inserting pa...

5.8

CVE-2012-4117

  • EPSS 0.14%
  • Published 19.10.2013 10:36:07
  • Last modified 11.04.2025 00:51:21

The fabric-interconnect component in Cisco Unified Computing System (UCS) does not properly verify X.509 certificates, which allows man-in-the-middle attackers to watch SSL KVM video-channel traffic or modify this traffic via a crafted certificate, a...

4.3

CVE-2012-4116

  • EPSS 0.27%
  • Published 19.10.2013 10:36:07
  • Last modified 11.04.2025 00:51:21

The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM media traffic, which allows remote attackers to obtain sensitive information, and consequently complete the authentication process for a server connection,...

5.8

CVE-2012-4114

  • EPSS 0.26%
  • Published 19.10.2013 10:36:07
  • Last modified 11.04.2025 00:51:21

The fabric-interconnect KVM module in Cisco Unified Computing System (UCS) does not encrypt video data, which allows man-in-the-middle attackers to watch KVM display content by sniffing the network or modify this traffic by inserting packets into the...

4.6

CVE-2012-4113

  • EPSS 0.06%
  • Published 19.10.2013 10:36:07
  • Last modified 11.04.2025 00:51:21

The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and read arbitrary files via crafted command parameters within the command-line interface, aka Bug ID CSCtr43374.

6.8

CVE-2012-4112

  • EPSS 0.08%
  • Published 19.10.2013 10:36:06
  • Last modified 11.04.2025 00:51:21

The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary commands via crafted command parameters within the command-line interface, aka Bug ID CSCtr43330.

6.8

CVE-2012-4108

  • EPSS 0.3%
  • Published 13.10.2013 10:20:02
  • Last modified 11.04.2025 00:51:21

The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary operating-system commands via crafted parameters to a file-related command, aka Bug ID CSCtq86554.