Published: 04/02/2021 Updated: 07/11/2023

CVSS v2 Base Score: 2.7 | Impact Score: 2.9 | Exploitability Score: 5.1

CVSS v3 Base Score: 3.5 | Impact Score: 1.4 | Exploitability Score: 2.1

VMScore: 240

Vector: AV:A/AC:L/Au:S/C:P/I:N/A:N

A vulnerability in the certificate registration process of Cisco Unified Computing System (UCS) Central Software could allow an authenticated, adjacent malicious user to register a rogue Cisco Unified Computing System Manager (UCSM). This vulnerability is due to improper certificate validation. An attacker could exploit this vulnerability by sending a crafted HTTP request to the registration API. A successful exploit could allow the malicious user to register a rogue Cisco UCSM and gain access to Cisco UCS Central Software data and Cisco UCSM inventory data.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco unified computing system central software

A vulnerability in the certificate registration process of Cisco Unified Computing System (UCS) Central Software could allow an authenticated, adjacent attacker to register a rogue Cisco Unified Computing System Manager (UCSM) This vulnerability is due to improper certificate validation An attacker could exploit this vulnerability by sending a cr ...

CWE-295 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-invcert-eOpRvCKH https://nvd.nist.gov https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-invcert-eOpRvCKH

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-1354

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect