VYPR

UCS Director Express for Big Data

by Cisco Systems, Inc.

CVEs (16)

  • CVE-2020-3243CriApr 15, 2020
    risk 0.74cvss 9.8epss 0.88

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2019-1937CriAug 21, 2019
    risk 0.73cvss 9.8epss 0.76

    A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to acquire a valid session token with administrator…

  • CVE-2019-1935CriAug 21, 2019
    risk 0.73cvss 9.8epss 0.83

    A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account (scpuser), which…

  • CVE-2020-3250CriApr 15, 2020
    risk 0.72cvss 9.8epss 0.60

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2020-3248CriApr 15, 2020
    risk 0.70cvss 9.8epss 0.74

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2020-3247CriApr 15, 2020
    risk 0.70cvss 9.8epss 0.75

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2019-1974CriAug 21, 2019
    risk 0.64cvss 9.8epss 0.04

    A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass user authentication and gain access as an…

  • CVE-2019-1938CriAug 21, 2019
    risk 0.64cvss 9.8epss 0.05

    A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. The…

  • CVE-2020-3239HigApr 15, 2020
    risk 0.63cvss 8.8epss 0.74

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2020-3251HigApr 15, 2020
    risk 0.62cvss 8.8epss 0.62

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2019-1936HigAug 21, 2019
    risk 0.53cvss 7.2epss 0.39

    A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux…

  • CVE-2020-3249HigApr 15, 2020
    risk 0.51cvss 7.5epss 0.23

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2020-3240HigApr 15, 2020
    risk 0.51cvss 7.3epss 0.39

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2019-12634HigAug 21, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The…

  • CVE-2020-3252MedApr 15, 2020
    risk 0.43cvss 6.5epss 0.05

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2020-3329MedMay 6, 2020
    risk 0.28cvss 4.3epss 0.01

    A vulnerability in role-based access control of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow a read-only authenticated, remote attacker to disable user accounts on an affected system. The…