Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cisco unified computing system performance manager 1.1.1 vulnerabilities and exploits

(subscribe to this query)
8.8
CVSSv3
CVE-2016-1374
The web framework in Cisco Unified Computing System (UCS) Performance Manager 2.0.0 and previous versions allows remote authenticated users to execute arbitrary commands via crafted parameters in a GET request, aka Bug ID CSCuy07827.
Cisco Unified Computing System Performance Manager 2.0.0Cisco Unified Computing System Performance Manager 1.1.1Cisco Unified Computing System Performance Manager 1.1.0Cisco Unified Computing System Performance Manager 1.0 Base
NA
CVE-2015-1788
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL prior to 0.9.8s, 1.0.0 prior to 1.0.0e, 1.0.1 prior to 1.0.1n, and 1.0.2 prior to 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows re...
Openssl OpensslOpenssl Openssl 1.0.1mOpenssl Openssl 1.0.2aOpenssl Openssl 1.0.1jOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.1Openssl Openssl 1.0.0cOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0Openssl Openssl 1.0.1hOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0pOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.0oOpenssl Openssl 1.0.1d
7.5
CVSSv3
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0Openssl Openssl 1.1.0cOpenssl Openssl 1.1.0dOpenssl Openssl 1.1.0aOpenssl Openssl 1.1.0bHp Operations Agent 11.15Hp Operations Agent 11.14
7.5
CVSSv3
CVE-2017-3730
In OpenSSL 1.1.0 prior to 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
Openssl Openssl 1.1.0cOpenssl Openssl 1.1.0Openssl Openssl 1.1.0bOpenssl Openssl 1.1.0aOracle Agile Engineering Data Management 6.2.0Oracle Jd Edwards World Security A9.2Oracle Communications Eagle Lnp Application Processor 10.1Oracle Communications Application Session Controller 3.7.1Oracle Jd Edwards World Security A9.4Oracle Jd Edwards Enterpriseone Tools 9.2Oracle Communications Operations Monitor 3.4Oracle Communications Operations Monitor 4.0Oracle Agile Engineering Data Management 6.1.3Oracle Jd Edwards World Security A9.1Oracle Jd Edwards World Security A9.3Oracle Communications Eagle Lnp Application Processor 10.0Oracle Communications Eagle Lnp Application Processor 10.2Oracle Communications Application Session Controller 3.8.0
5.9
CVSSv3
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl OpensslDebian Debian Linux 9.0Debian Debian Linux 10.0Freebsd Freebsd 12.2Netapp Santricity Smi-s Provider -Netapp Snapcenter -Netapp Oncommand Workflow Automation -Netapp Storagegrid -Netapp Oncommand Insight -Netapp Ontap Select Deploy Administration Utility -Netapp Active Iq Unified Manager -Netapp Cloud Volumes Ontap Mediator -Netapp E-series Performance Analyzer -Tenable Tenable.scTenable NessusTenable Nessus Network Monitor 5.11.1Tenable Nessus Network Monitor 5.12.0Tenable Nessus Network Monitor 5.12.1Tenable Nessus Network Monitor 5.13.0Tenable Nessus Network Monitor 5.11.0Tenable Log Correlation EngineFedoraproject Fedora 34
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook