CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Cisco: >> Unified Computing System Central Software >> 1.3(0.99) Security Vulnerabilities

CVE-2021-1354

A vulnerability in the certificate registration process of Cisco Unified Computing System (UCS) Central Software could allow an authenticated, adjacent attacker to register a rogue Cisco Unified Computing System Manager (UCSM). This vulnerability is due to improper certificate validation. An attacker could exploit this vulnerability by sending a crafted HTTP request to the registration API. A successful exploit could allow the attacker to register a rogue Cisco UCSM and gain access to Cisco UCS Central Software data and Cisco UCSM inventory data.

CVSS Score

4.3

EPSS Score

0.0

Published

2021-02-04

CVE-2015-4286

The web framework in Cisco UCS Central Software 1.3(0.99) allows remote attackers to read arbitrary files via a crafted HTTP request, aka Bug ID CSCuu41377.

CVSS Score

5.0

EPSS Score

0.001

Published

2015-07-29

Page 1

Vulnerabilities

Vulnerable Software

Cisco: >> Unified Computing System Central Software >> 1.3(0.99) Security Vulnerabilities

Products

Pricing

Contact Us