Published: 20/09/2013 Updated: 31/10/2016
CVSS v2 Base Score: 4.6 | Impact Score: 6.9 | Exploitability Score: 3.1
VMScore: 409
Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C

Vulnerability Summary

MCServer in the Cisco Management Controller in Cisco Unified Computing System (UCS) allows local users to cause a denial of service (application crash) via invalid MCTools parameters, aka Bug ID CSCtg20734.

Affected Products

Vendor Product Versions
CiscoUnified Computing System1.0(2k), 1.0 Base, 1.1 Base, 1.2(1d), 1.2 Base, 1.3(1c), 1.3(1m), 1.3(1n), 1.3(1o), 1.3(1p), 1.3(1q), 1.3(1t), 1.3(1w), 1.3(1y), 1.3 Base, 1.4(1m), 1.4 Base

Vendor Advisories

A vulnerability in the Cisco Management Controller of the Cisco Unified Computing System could allow an authenticated, local attacker to trigger a denial of service (DoS) condition The vulnerability is due to improper parameter input validation An attacker could exploit this vulnerability by providing invalid parameters to the MCTools applicatio ...