CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-0113

A vulnerability in an operations script of Cisco UCS Central could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the daemon user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by posting a crafted request to the user interface of Cisco UCS Central. This vulnerability affects Cisco UCS Central Software prior to Release 2.0(1c). Cisco Bug IDs: CSCve70825.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 77.7%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

http://www.securityfocus.com/bid/102966
http://www.securitytracker.com/id/1040337
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-ucsc
http://www.securityfocus.com/bid/102966
http://www.securitytracker.com/id/1040337
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-ucsc

Products affected by CVE-2018-0113

Cisco » Unified Computing System Central Software » Version: 1.5(1c)

cpe:2.3:a:cisco:unified_computing_system_central_software:1.5(1c)

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-0113

Products

Pricing

Contact Us