Cisco

Unified Computing System

40 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2015-0599

  • EPSS 0.42%
  • Veröffentlicht 03.02.2015 22:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The web interface in Cisco Integrated Management Controller in Cisco Unified Computing System (UCS) on C-Series Rack Servers does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks...

6.8

CVE-2014-7996

  • EPSS 0.17%
  • Veröffentlicht 18.11.2014 23:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Integrated Management Controller in Cisco Unified Computing System allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuq45477.

4.6

CVE-2013-5550

  • EPSS 0.08%
  • Veröffentlicht 22.10.2013 11:17:15
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service via crafted command parameters that trigger hardware-component write operations, aka Bug ID CSCtq86549.

5.8

CVE-2012-4115

  • EPSS 0.26%
  • Veröffentlicht 21.10.2013 10:50:23
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM virtual-media data, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or modify this traffic by inserting pa...

5.8

CVE-2012-4117

  • EPSS 0.14%
  • Veröffentlicht 19.10.2013 10:36:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The fabric-interconnect component in Cisco Unified Computing System (UCS) does not properly verify X.509 certificates, which allows man-in-the-middle attackers to watch SSL KVM video-channel traffic or modify this traffic via a crafted certificate, a...

4.3

CVE-2012-4116

  • EPSS 0.27%
  • Veröffentlicht 19.10.2013 10:36:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM media traffic, which allows remote attackers to obtain sensitive information, and consequently complete the authentication process for a server connection,...

5.8

CVE-2012-4114

  • EPSS 0.26%
  • Veröffentlicht 19.10.2013 10:36:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The fabric-interconnect KVM module in Cisco Unified Computing System (UCS) does not encrypt video data, which allows man-in-the-middle attackers to watch KVM display content by sniffing the network or modify this traffic by inserting packets into the...

4.6

CVE-2012-4113

  • EPSS 0.06%
  • Veröffentlicht 19.10.2013 10:36:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and read arbitrary files via crafted command parameters within the command-line interface, aka Bug ID CSCtr43374.

6.8

CVE-2012-4112

  • EPSS 0.08%
  • Veröffentlicht 19.10.2013 10:36:06
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary commands via crafted command parameters within the command-line interface, aka Bug ID CSCtr43330.

6.8

CVE-2012-4108

  • EPSS 0.3%
  • Veröffentlicht 13.10.2013 10:20:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary operating-system commands via crafted parameters to a file-related command, aka Bug ID CSCtq86554.