Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco ucs central software vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-6388
Cisco Unified Computing System (UCS) Central software 1.3(0.1) allows remote malicious users to conduct server-side request forgery (SSRF) attacks via a crafted request, aka Bug ID CSCux33575.
Cisco Unified Computing System Central Software 1.3(0.1)
NA
CVE-2015-6387
Cross-site scripting (XSS) vulnerability in Cisco Unified Computing System (UCS) Central Software 1.3(0.1) allows remote malicious users to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCux33573.
Cisco Unified Computing System Central Software 1.3(0.1)
NA
CVE-2015-4183
Cisco UCS Central Software 1.2(1a) allows local users to gain privileges for OS command execution via a crafted CLI parameter, aka Bug ID CSCut32795.
Cisco Unified Computing System 1.2(1a)
NA
CVE-2015-0701
Cisco UCS Central Software prior to 1.3(1a) allows remote malicious users to execute arbitrary commands via a crafted HTTP request, aka Bug ID CSCut46961.
Cisco Unified Computing System Central Software 1.2(1a)
Cisco Unified Computing System Central Software 1.2(1f)
Cisco Unified Computing System Central Software 1.0 Base
Cisco Unified Computing System Central Software 1.1 Base
Cisco Unified Computing System Central Software 1.2(1e)
Cisco Unified Computing System Central Software 1.2(1d)
1 Article
7.5
CVSSv3
CVE-2018-0094
A vulnerability in IPv6 ingress packet processing for Cisco UCS Central Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition due to high CPU utilization on the targeted device. The vulnerability is due to insufficient rate li...
Cisco Unified Computing System Central Software 1.4(1a)
8.8
CVSSv3
CVE-2018-0113
A vulnerability in an operations script of Cisco UCS Central could allow an authenticated, remote malicious user to execute arbitrary shell commands with the privileges of the daemon user. The vulnerability is due to insufficient input validation. An attacker could exploit this v...
Cisco Unified Computing System Central Software 1.5(1c)
5.4
CVSSv3
CVE-2017-12348
Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the affected interface or hijack a valid session ID from a user of the affected interf...
Cisco Unified Computing System Central Software 2.2(1a)a
5.4
CVSSv3
CVE-2017-12349
Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the affected interface or hijack a valid session ID from a user of the affected interf...
Cisco Unified Computing System Central Software 2.2(1a)a
6.5
CVSSv3
CVE-2023-20016
A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and conf...
Cisco Ucs Central Software
Cisco Ucs 6536 Firmware -
Cisco Ucs 64108 Firmware -
Cisco Ucs 6454 Firmware -
Cisco Ucs 6200 Firmware -
Cisco Ucs 6248up Firmware -
Cisco Ucs 6296up Firmware -
Cisco Ucs 6300 Firmware -
Cisco Ucs 6324 Firmware -
Cisco Ucs 6332 Firmware -
Cisco Ucs 6332-16up Firmware -
Cisco Fxos
1 Github repository
6.7
CVSSv3
CVE-2017-12255
A vulnerability in the CLI of Cisco UCS Central Software could allow an authenticated, local malicious user to gain shell access. The vulnerability is due to insufficient input validation of commands entered in the CLI, aka a Restricted Shell Break Vulnerability. An attacker coul...
Cisco Unified Computing System 1.5(1c)
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »