Shodan
Vulnerabilities
Vulnerable Software
Cisco:  >> Unified Computing System  Security Vulnerabilities
CVE-2012-4105
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service (component crash) via crafted "debug hardware" parameters, aka Bug ID CSCtq86468.
CVSS Score
4.6
EPSS Score
0.001
Published
2013-10-13
CVE-2012-4084
Cross-site request forgery (CSRF) vulnerability in the web-management interface in the fabric interconnect (FI) component in Cisco Unified Computing System (UCS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCtg20755.
CVSS Score
6.8
EPSS Score
0.002
Published
2013-10-05
CVE-2012-4136
The high-availability service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) does not properly bind the cluster service to the management interface, which allows remote attackers to obtain sensitive information or cause a denial of service (peer-syncing outage) via a TELNET connection, aka Bug ID CSCtz72910.
CVSS Score
6.8
EPSS Score
0.004
Published
2013-10-03
CVE-2012-4102
The activate firmware command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq02600.
CVSS Score
6.8
EPSS Score
0.001
Published
2013-10-02
CVE-2012-4103
ethanalyzer in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq02686.
CVSS Score
6.8
EPSS Score
0.001
Published
2013-10-02
CVE-2012-4104
Absolute path traversal vulnerability in the image-download process in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to overwrite or delete arbitrary files via a full pathname in an image header, aka Bug ID CSCtq02706.
CVSS Score
6.6
EPSS Score
0.001
Published
2013-10-02
CVE-2012-4109
The clear sshkey command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86559.
CVSS Score
6.8
EPSS Score
0.001
Published
2013-10-02
CVE-2012-4110
run-script in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86560.
CVSS Score
6.8
EPSS Score
0.001
Published
2013-10-02
CVE-2012-4111
The create certreq command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86563.
CVSS Score
6.8
EPSS Score
0.001
Published
2013-10-02
CVE-2012-4095
The local file editor in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges, and read or modify arbitrary files, via unspecified key bindings, aka Bug ID CSCtn04521.
CVSS Score
5.5
EPSS Score
0.001
Published
2013-10-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved