Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unified computing system central software vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-4183
Cisco UCS Central Software 1.2(1a) allows local users to gain privileges for OS command execution via a crafted CLI parameter, aka Bug ID CSCut32795.
Cisco Unified Computing System 1.2(1a)
5.4
CVSSv3
CVE-2017-12348
Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the affected interface or hijack a valid session ID from a user of the affected interf...
Cisco Unified Computing System Central Software 2.2(1a)a
5.4
CVSSv3
CVE-2017-12349
Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the affected interface or hijack a valid session ID from a user of the affected interf...
Cisco Unified Computing System Central Software 2.2(1a)a
6.7
CVSSv3
CVE-2017-12255
A vulnerability in the CLI of Cisco UCS Central Software could allow an authenticated, local malicious user to gain shell access. The vulnerability is due to insufficient input validation of commands entered in the CLI, aka a Restricted Shell Break Vulnerability. An attacker coul...
Cisco Unified Computing System 1.5(1c)
3.5
CVSSv3
CVE-2021-1354
A vulnerability in the certificate registration process of Cisco Unified Computing System (UCS) Central Software could allow an authenticated, adjacent malicious user to register a rogue Cisco Unified Computing System Manager (UCSM). This vulnerability is due to improper certific...
Cisco Unified Computing System Central Software
NA
CVE-2012-4092
The management interface in the Central Software component in Cisco Unified Computing System (UCS) does not properly validate the identity of vCenter consoles, which allows man-in-the-middle malicious users to read or modify an inter-device data stream by spoofing an identity, ak...
Cisco Unified Computing System -
NA
CVE-2015-6420
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Se...
Apache Commons Collections
Apache Commons Collections 4.0
5 Github repositories
10
CVSSv3
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1182 Github repositories
28 Articles
8.8
CVSSv3
CVE-2015-7849
Use-after-free vulnerability in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
Ntp Ntp 4.2.8
Ntp Ntp
Netapp Oncommand Balance -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Netapp Oncommand Unified Manager -
Netapp Oncommand Performance Manager -
9.8
CVSSv3
CVE-2015-7853
The datalen parameter in the refclock driver in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to execute arbitrary code or cause a denial of service (crash) via a negative input value.
Ntp Ntp 4.2.8
Ntp Ntp
Netapp Oncommand Balance -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Netapp Oncommand Unified Manager -
Netapp Oncommand Performance Manager -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »