Cisco Unified Computing System contains a vulnerability that could allow an authenticated, remote malicious user to cause a denial of service (DoS) condition. The vulnerability is due to errors in processing malicious Simple Network Management Protocol (SNMP) messages by the affected software. An authenticated, remote attacker could exploit this vulnerability by sending malicious requests to the device. Cisco confirmed the vulnerability in software release notes and issued software updates. Only attackers who can authenticate to an affected device could exploit this vulnerability, likely limiting the potential source of exploitation to authorized users. Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco unified computing system infrastructure and unified computing system software 1.4\\(1j\\) |
||
cisco unified computing system infrastructure and unified computing system software 2.0\\(1q\\) |
Vulmon