Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unified computing system vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2012-4115
The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM virtual-media data, which allows man-in-the-middle malicious users to obtain sensitive information by sniffing the network or modify this traffic by inserting packets into the client-se...
Cisco Unified Computing System -
5.8
CVSSv2
CVE-2012-4117
The fabric-interconnect component in Cisco Unified Computing System (UCS) does not properly verify X.509 certificates, which allows man-in-the-middle malicious users to watch SSL KVM video-channel traffic or modify this traffic via a crafted certificate, aka Bug ID CSCtr73033.
Cisco Unified Computing System -
4.3
CVSSv2
CVE-2015-6387
Cross-site scripting (XSS) vulnerability in Cisco Unified Computing System (UCS) Central Software 1.3(0.1) allows remote malicious users to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCux33573.
Cisco Unified Computing System Central Software 1.3\\(0.1\\)
5.8
CVSSv2
CVE-2012-4073
The KVM subsystem in the client in Cisco Unified Computing System (UCS) does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers, and read or modify KVM data, via a crafted certificate, aka Bug ID CSCte90332.
Cisco Unified Computing System -
5.8
CVSSv2
CVE-2012-4074
The Board Management Controller (BMC) in the Serial over LAN (SoL) subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded private key, which allows man-in-the-middle malicious users to obtain sensitive information or modify the data stream by leveraging knowledge...
Cisco Unified Computing System -
4.6
CVSSv2
CVE-2012-4093
The Manager component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service via an invalid Smart Call Home contact address, aka Bug ID CSCtl00186.
Cisco Unified Computing System -
4.3
CVSSv2
CVE-2012-4072
The KVM subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers, and read keyboard and mouse events, by leveraging knowledge of this certificate's private key, aka Bug ID C...
Cisco Unified Computing System -
6.8
CVSSv2
CVE-2012-4082
MCTools in the Cisco Management Controller in Cisco Unified Computing System (UCS) allows local users to gain privileges by entering crafted command-line parameters on a Fabric Interconnect device, aka Bug ID CSCtg20749.
Cisco Unified Computing System -
4
CVSSv2
CVE-2012-4083
Multiple buffer overflows in the administrative web interface in Cisco Unified Computing System (UCS) allow remote authenticated users to cause a denial of service (memory corruption and session termination) via long string values for unspecified parameters, aka Bug ID CSCtg20751...
Cisco Unified Computing System -
5.4
CVSSv2
CVE-2012-4094
Buffer overflow in the Smart Call Home feature in the fabric interconnect in Cisco Unified Computing System (UCS) allows remote malicious users to cause a denial of service by reading and forging control messages associated with Smart Call Home reports, aka Bug ID CSCtl00198.
Cisco Unified Computing System -
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »