CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-1313

Cisco UCS Invicta C3124SA Appliance 4.3.1 through 5.0.1, UCS Invicta Scaling System and Appliance, and Whiptail Racerunner improperly store a default SSH private key, which allows remote attackers to obtain root access via unspecified vectors, aka Bug ID CSCun71294.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.2%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-ucs
http://www.securitytracker.com/id/1035496
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-ucs
http://www.securitytracker.com/id/1035496

Products affected by CVE-2016-1313

Cisco » Ucs Invicta C3124sa Appliance » Version: 4.3.1

cpe:2.3:a:cisco:ucs_invicta_c3124sa_appliance:4.3.1
Cisco » Ucs Invicta C3124sa Appliance » Version: 4.5.0

cpe:2.3:a:cisco:ucs_invicta_c3124sa_appliance:4.5.0
Cisco » Ucs Invicta C3124sa Appliance » Version: 5.0.1

cpe:2.3:a:cisco:ucs_invicta_c3124sa_appliance:5.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-1313

Products

Pricing

Contact Us