Total
107 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-4092 | 1 Cisco | 1 Unified Computing System | 2023-12-10 | 5.8 MEDIUM | N/A |
The management interface in the Central Software component in Cisco Unified Computing System (UCS) does not properly validate the identity of vCenter consoles, which allows man-in-the-middle attackers to read or modify an inter-device data stream by spoofing an identity, aka Bug ID CSCtk00683. | |||||
CVE-2012-4136 | 1 Cisco | 1 Unified Computing System | 2023-12-10 | 6.8 MEDIUM | N/A |
The high-availability service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) does not properly bind the cluster service to the management interface, which allows remote attackers to obtain sensitive information or cause a denial of service (peer-syncing outage) via a TELNET connection, aka Bug ID CSCtz72910. | |||||
CVE-2012-4103 | 1 Cisco | 1 Unified Computing System | 2023-12-10 | 6.8 MEDIUM | N/A |
ethanalyzer in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq02686. | |||||
CVE-2012-4106 | 1 Cisco | 1 Unified Computing System | 2023-12-10 | 6.8 MEDIUM | N/A |
The fabric-interconnect component in Cisco Unified Computing System (UCS) uses the same privilege level for execution of every script, which allows local users to gain privileges and execute arbitrary commands via an unspecified script-execution approach, aka Bug ID CSCtq86477. | |||||
CVE-2012-4114 | 1 Cisco | 1 Unified Computing System | 2023-12-10 | 5.8 MEDIUM | N/A |
The fabric-interconnect KVM module in Cisco Unified Computing System (UCS) does not encrypt video data, which allows man-in-the-middle attackers to watch KVM display content by sniffing the network or modify this traffic by inserting packets into the client-server data stream, aka Bug ID CSCtr72949. | |||||
CVE-2012-4085 | 1 Cisco | 1 Unified Computing System | 2023-12-10 | 5.0 MEDIUM | N/A |
The Intelligent Platform Management Interface (IPMI) implementation in the Blade Management Controller in Cisco Unified Computing System (UCS) allows remote attackers to enumerate valid usernames by observing IPMI interface responses, aka Bug ID CSCtg20761. | |||||
CVE-2011-2569 | 1 Cisco | 3 Nx-os, Unified Computing System, Unified Computing System Infrastructure And Unified Computing System Software | 2023-12-10 | 6.8 MEDIUM | N/A |
Cisco Nexus OS (aka NX-OS) 4.2 and 5.0 and Cisco Unified Computing System with software 1.4 and 2.0 do not properly restrict command-line options, which allows local users to gain privileges via unspecified vectors, aka Bug IDs CSCtf40008, CSCtg18363, CSCtr44645, CSCts10195, and CSCts10188. |