Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco unified computing system - vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2012-4115
The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM virtual-media data, which allows man-in-the-middle malicious users to obtain sensitive information by sniffing the network or modify this traffic by inserting packets into the client-se...
Cisco Unified Computing System -
5.8
CVSSv2
CVE-2012-4117
The fabric-interconnect component in Cisco Unified Computing System (UCS) does not properly verify X.509 certificates, which allows man-in-the-middle malicious users to watch SSL KVM video-channel traffic or modify this traffic via a crafted certificate, aka Bug ID CSCtr73033.
Cisco Unified Computing System -
4.3
CVSSv2
CVE-2015-6387
Cross-site scripting (XSS) vulnerability in Cisco Unified Computing System (UCS) Central Software 1.3(0.1) allows remote malicious users to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCux33573.
Cisco Unified Computing System Central Software 1.3\\(0.1\\)
4.3
CVSSv2
CVE-2012-4072
The KVM subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers, and read keyboard and mouse events, by leveraging knowledge of this certificate's private key, aka Bug ID C...
Cisco Unified Computing System -
5.8
CVSSv2
CVE-2012-4074
The Board Management Controller (BMC) in the Serial over LAN (SoL) subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded private key, which allows man-in-the-middle malicious users to obtain sensitive information or modify the data stream by leveraging knowledge...
Cisco Unified Computing System -
4
CVSSv2
CVE-2012-4083
Multiple buffer overflows in the administrative web interface in Cisco Unified Computing System (UCS) allow remote authenticated users to cause a denial of service (memory corruption and session termination) via long string values for unspecified parameters, aka Bug ID CSCtg20751...
Cisco Unified Computing System -
4.6
CVSSv2
CVE-2012-4093
The Manager component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service via an invalid Smart Call Home contact address, aka Bug ID CSCtl00186.
Cisco Unified Computing System -
5.8
CVSSv2
CVE-2012-4073
The KVM subsystem in the client in Cisco Unified Computing System (UCS) does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers, and read or modify KVM data, via a crafted certificate, aka Bug ID CSCte90332.
Cisco Unified Computing System -
6.8
CVSSv2
CVE-2012-4082
MCTools in the Cisco Management Controller in Cisco Unified Computing System (UCS) allows local users to gain privileges by entering crafted command-line parameters on a Fabric Interconnect device, aka Bug ID CSCtg20749.
Cisco Unified Computing System -
5.4
CVSSv2
CVE-2012-4094
Buffer overflow in the Smart Call Home feature in the fabric interconnect in Cisco Unified Computing System (UCS) allows remote malicious users to cause a denial of service by reading and forging control messages associated with Smart Call Home reports, aka Bug ID CSCtl00198.
Cisco Unified Computing System -
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »