CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-4259

The Integrated Management Controller on Cisco Unified Computing System (UCS) C servers with software 1.5(3) and 1.6(0.16) has a default SSL certificate, which makes it easier for man-in-the-middle attackers to bypass cryptographic protection mechanisms by leveraging knowledge of a private key, aka Bug IDs CSCum56133 and CSCum56177.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.2%

CVSS Severity

CVSS v2 Score 4.3

References

http://tools.cisco.com/security/center/viewAlert.x?alertId=39803
http://www.securitytracker.com/id/1032872
http://tools.cisco.com/security/center/viewAlert.x?alertId=39803
http://www.securitytracker.com/id/1032872

Products affected by CVE-2015-4259

Cisco » Unified Computing System » Version: 1.5(3)

cpe:2.3:a:cisco:unified_computing_system:1.5(3)
Cisco » Unified Computing System » Version: 1.6(0.16)

cpe:2.3:a:cisco:unified_computing_system:1.6(0.16)

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-4259

Products

Pricing

Contact Us