CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-4072

The KVM subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers, and read keyboard and mouse events, by leveraging knowledge of this certificate's private key, aka Bug ID CSCte90327.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 40.1%

CVSS Severity

CVSS v2 Score 4.3

References

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4072
http://www.securitytracker.com/id/1029067
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4072
http://www.securitytracker.com/id/1029067

Products affected by CVE-2012-4072

Cisco » Unified Computing System » Version: N/A

cpe:2.3:h:cisco:unified_computing_system:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-4072

Products

Pricing

Contact Us