Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unified computing system vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2015-4279
The Manager component in Cisco Unified Computing System (UCS) 2.2(3b) on B Blade Server devices allows local users to gain privileges for executing arbitrary CLI commands by leveraging access to the subordinate fabric interconnect, aka Bug ID CSCut32778.
Cisco Unified Computing System 2.2\\(3b\\)
7.2
CVSSv2
CVE-2014-8003
Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and previous versions allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998.
Cisco Unified Computing System
4.3
CVSSv2
CVE-2017-3868
A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. More Information: CSCvc4434...
Cisco Unified Computing System Director 6.0\\(0.0\\)
7.5
CVSSv2
CVE-2016-1352
Cisco Unified Computing System (UCS) Central Software 1.3(1b) and previous versions allows remote malicious users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuv33856.
Cisco Unified Computing System Central Software 1.3\\(0.1\\)
1 Article
4.3
CVSSv2
CVE-2016-1401
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Computing System (UCS) Central Software 1.4(1a) allows remote malicious users to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCuy91250.
Cisco Unified Computing System Central Software 1.4\\(1a\\)
5
CVSSv2
CVE-2015-4286
The web framework in Cisco UCS Central Software 1.3(0.99) allows remote malicious users to read arbitrary files via a crafted HTTP request, aka Bug ID CSCuu41377.
Cisco Unified Computing System Central Software 1.3\\(0.99\\)
6.8
CVSSv2
CVE-2012-4084
Cross-site request forgery (CSRF) vulnerability in the web-management interface in the fabric interconnect (FI) component in Cisco Unified Computing System (UCS) allows remote malicious users to hijack the authentication of arbitrary users, aka Bug ID CSCtg20755.
Cisco Unified Computing System -
6.8
CVSSv2
CVE-2014-7996
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Integrated Management Controller in Cisco Unified Computing System allows remote malicious users to hijack the authentication of arbitrary users, aka Bug ID CSCuq45477.
Cisco Unified Computing System -
9
CVSSv2
CVE-2019-1863
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote malicious user to make unauthorized changes to the system configuration. The vulnerability is due to insufficient authorization enfo...
Cisco Unified Computing System 4.0\\(1c\\)hs3
Cisco Integrated Management Controller Supervisor
1 Article
4.3
CVSSv2
CVE-2015-0599
The web interface in Cisco Integrated Management Controller in Cisco Unified Computing System (UCS) on C-Series Rack Servers does not properly restrict use of IFRAME elements, which makes it easier for remote malicious users to conduct clickjacking attacks and unspecified other a...
Cisco Unified Computing System -
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »