VYPR

Unified Computing System

by Cisco Systems, Inc.

CVEs (124)

  • CVE-2017-6602MedApr 7, 2017
    risk 0.29cvss 4.4epss 0.01

    A vulnerability in the CLI of Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. More…

  • CVE-2017-12336MedNov 30, 2017
    risk 0.27cvss 4.2epss 0.00

    A vulnerability in the TCL scripting subsystem of Cisco NX-OS System Software could allow an authenticated, local attacker to escape the interactive TCL shell and gain unauthorized access to the underlying operating system of the device. The vulnerability exists due to…

  • CVE-2020-3119Feb 5, 2020
    risk 0.01cvss epss 0.05

    A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does…

  • CVE-2020-26062Nov 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in Cisco Integrated Management Controller could allow an unauthenticated, remote attacker to enumerate valid usernames within the vulnerable application. The vulnerability is due to differences in authentication responses sent back from the application as…

  • CVE-2024-20365Oct 2, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco UCS X-Series Servers could allow an authenticated, remote attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to…

  • CVE-2024-20294Feb 28, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper…

  • CVE-2024-20344Feb 28, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in system resource management in Cisco UCS 6400 and 6500 Series Fabric Interconnects that are in Intersight Managed Mode (IMM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the Device Console UI of an affected…

  • CVE-2023-20200Aug 23, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software for Firepower 4100 Series and Firepower 9300 Security Appliances and of Cisco UCS 6300 Series Fabric Interconnects could allow an authenticated, remote attacker to cause a denial of…

  • CVE-2023-20228Aug 16, 2023
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient…

  • CVE-2023-20015Feb 23, 2023
    risk 0.00cvss epss 0.00

    A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to…

  • CVE-2023-20012Feb 23, 2023
    risk 0.00cvss epss 0.00

    A vulnerability in the CLI console login authentication of Cisco Nexus 9300-FX3 Series Fabric Extender (FEX) when used in UCS Fabric Interconnect deployments could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability is due to the…

  • CVE-2023-20016Feb 23, 2023
    risk 0.00cvss epss 0.00

    A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and…

  • CVE-2021-34736Oct 21, 2021
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to cause the web-based management interface to unexpectedly restart. The vulnerability is due to insufficient input…

  • CVE-2021-1592Aug 25, 2021
    risk 0.00cvss epss 0.01

    A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An…

  • CVE-2021-1397May 6, 2021
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in…

  • CVE-2020-3470Nov 18, 2020
    risk 0.00cvss epss 0.05

    Multiple vulnerabilities in the API subsystem of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to execute arbitrary code with root privileges. The vulnerabilities are due to improper boundary checks for certain user-supplied input.…

  • CVE-2020-3371Nov 6, 2020
    risk 0.00cvss epss 0.02

    A vulnerability in the web UI of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary code and execute arbitrary commands at the underlying operating system level. The vulnerability is due to insufficient input…

  • CVE-2020-3504Aug 27, 2020
    risk 0.00cvss epss 0.00

    A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An…

  • CVE-2020-3242Jun 18, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the REST API of Cisco UCS Director could allow an authenticated, remote attacker with administrative privileges to obtain confidential information from an affected device. The vulnerability exists because confidential information is returned as part of an API…

  • CVE-2020-3241Jun 18, 2020
    risk 0.00cvss epss 0.02

    A vulnerability in the orchestration tasks of Cisco UCS Director could allow an authenticated, remote attacker to perform a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input on the web-based management…

Page 2 of 7