VYPR

Unified Computing System

by Cisco Systems, Inc.

CVEs (124)

  • CVE-2015-6435CriJan 22, 2016
    risk 0.64cvss 9.8epss 0.09

    An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System (UCS) Manager before 2.2(4b), 2.2(5) before 2.2(5a), and 3.0 before 3.0(2e) allows remote attackers to execute arbitrary shell commands via a crafted HTTP request,…

  • CVE-2018-0431HigOct 5, 2018
    risk 0.58cvss 8.8epss 0.04

    A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. The vulnerability is due to…

  • CVE-2018-0430HigOct 5, 2018
    risk 0.58cvss 8.8epss 0.04

    A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. The vulnerability is due to…

  • CVE-2017-6600HigApr 7, 2017
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More…

  • CVE-2017-6597HigApr 7, 2017
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the local-mgmt CLI command of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection…

  • CVE-2016-6402HigSep 18, 2016
    risk 0.51cvss 7.8epss 0.00

    UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263.

  • CVE-2017-6633HigMay 22, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the TCP throttling process of Cisco UCS C-Series Rack Servers 3.0(0.234) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient rate-limiting protection. An…

  • CVE-2015-0718HigMar 3, 2016
    risk 0.49cvss 7.5epss 0.04

    Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session,…

  • CVE-2017-6601HigApr 7, 2017
    risk 0.46cvss 7.1epss 0.01

    A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More…

  • CVE-2017-12341MedNov 30, 2017
    risk 0.44cvss 6.7epss 0.01

    A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation…

  • CVE-2017-12334MedNov 30, 2017
    risk 0.44cvss 6.7epss 0.01

    A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation…

  • CVE-2017-12333MedNov 30, 2017
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software image. The vulnerability is due to insufficient NX-OS signature verification for software images. An authenticated, local attacker…

  • CVE-2017-12331MedNov 30, 2017
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software patch. The vulnerability is due to insufficient NX-OS signature verification for software patches. An authenticated, local…

  • CVE-2017-12255MedSep 21, 2017
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the CLI of Cisco UCS Central Software could allow an authenticated, local attacker to gain shell access. The vulnerability is due to insufficient input validation of commands entered in the CLI, aka a Restricted Shell Break Vulnerability. An attacker could…

  • CVE-2017-6598MedApr 7, 2017
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to execute arbitrary…

  • CVE-2017-12335MedNov 30, 2017
    risk 0.41cvss 6.3epss 0.01

    A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting…

  • CVE-2017-12329MedNov 30, 2017
    risk 0.41cvss 6.3epss 0.01

    A vulnerability in the CLI of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the…

  • CVE-2017-6604MedApr 7, 2017
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability affects the following Cisco products running Cisco IMC Software: Unified…

  • CVE-2017-12338MedNov 30, 2017
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to read the contents of arbitrary files. The vulnerability is due to insufficient input validation for a specific CLI command. An attacker could exploit this vulnerability by…

  • CVE-2017-12332MedNov 30, 2017
    risk 0.29cvss 4.4epss 0.00

    A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this…

Page 1 of 7