Cisco

Unified Computing System

40 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2012-4102

  • EPSS 0.08%
  • Published 02.10.2013 22:55:23
  • Last modified 11.04.2025 00:51:21

The activate firmware command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq02600.

5.5

CVE-2012-4095

  • EPSS 0.06%
  • Published 02.10.2013 22:55:02
  • Last modified 11.04.2025 00:51:21

The local file editor in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges, and read or modify arbitrary files, via unspecified key bindings, aka Bug ID CSCtn04521.

6.2

CVE-2012-4096

  • EPSS 0.06%
  • Published 01.10.2013 00:55:12
  • Last modified 11.04.2025 00:51:21

The local file editor in the Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and modify arbitrary fabric-interconnect files, in the context of a vi process, via unspecified commands,...

6.5

CVE-2012-1313

  • EPSS 0.13%
  • Published 27.09.2013 20:55:03
  • Last modified 11.04.2025 00:51:21

The remote debug shell on the PALO adapter card in Cisco Unified Computing System (UCS) allows local users to gain privileges via malformed show-macstats parameters, aka Bug ID CSCub13772.

5.8

CVE-2012-4092

  • EPSS 0.26%
  • Published 26.09.2013 14:16:22
  • Last modified 11.04.2025 00:51:21

The management interface in the Central Software component in Cisco Unified Computing System (UCS) does not properly validate the identity of vCenter consoles, which allows man-in-the-middle attackers to read or modify an inter-device data stream by ...

4.3

CVE-2012-4088

  • EPSS 0.34%
  • Published 26.09.2013 14:16:22
  • Last modified 11.04.2025 00:51:21

The FTP server in Cisco Unified Computing System (UCS) has a hardcoded password for an unspecified user account, which makes it easier for remote attackers to read or modify files by leveraging knowledge of this password, aka Bug ID CSCtg20769.

5

CVE-2012-4079

  • EPSS 0.47%
  • Published 26.09.2013 14:16:06
  • Last modified 11.04.2025 00:51:21

The XML API service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) allows remote attackers to cause a denial of service (API service outage) via a malformed XML document in a packet, aka Bug ID CSCtg48206.

5.1

CVE-2012-4086

  • EPSS 0.64%
  • Published 25.09.2013 10:31:26
  • Last modified 11.04.2025 00:51:21

A setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20790.

6.6

CVE-2012-4089

  • EPSS 0.13%
  • Published 24.09.2013 10:35:51
  • Last modified 11.04.2025 00:51:21

MCTOOLS in the fabric interconnect in Cisco Unified Computing System (UCS) allows local users to execute arbitrary Baseboard Management Controller (BMC) commands by leveraging (1) local, (2) shell-level, or (3) debug-level privileges at the operating...

5

CVE-2012-4085

  • EPSS 0.36%
  • Published 24.09.2013 10:35:51
  • Last modified 11.04.2025 00:51:21

The Intelligent Platform Management Interface (IPMI) implementation in the Blade Management Controller in Cisco Unified Computing System (UCS) allows remote attackers to enumerate valid usernames by observing IPMI interface responses, aka Bug ID CSCt...