VYPR

Unified Computing System

by Cisco Systems, Inc.

CVEs (124)

  • CVE-2012-4116Oct 19, 2013
    risk 0.00cvss epss 0.01

    The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM media traffic, which allows remote attackers to obtain sensitive information, and consequently complete the authentication process for a server connection, by sniffing the network, aka…

  • CVE-2012-4114Oct 19, 2013
    risk 0.00cvss epss 0.01

    The fabric-interconnect KVM module in Cisco Unified Computing System (UCS) does not encrypt video data, which allows man-in-the-middle attackers to watch KVM display content by sniffing the network or modify this traffic by inserting packets into the client-server data stream,…

  • CVE-2012-4113Oct 19, 2013
    risk 0.00cvss epss 0.00

    The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and read arbitrary files via crafted command parameters within the command-line interface, aka Bug ID CSCtr43374.

  • CVE-2012-4112Oct 19, 2013
    risk 0.00cvss epss 0.00

    The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary commands via crafted command parameters within the command-line interface, aka Bug ID CSCtr43330.

  • CVE-2012-4108Oct 13, 2013
    risk 0.00cvss epss 0.00

    The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary operating-system commands via crafted parameters to a file-related command, aka Bug ID CSCtq86554.

  • CVE-2012-4107Oct 13, 2013
    risk 0.00cvss epss 0.00

    The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary commands via crafted parameters to a file-related command, aka Bug ID CSCtq86489.

  • CVE-2012-4106Oct 13, 2013
    risk 0.00cvss epss 0.00

    The fabric-interconnect component in Cisco Unified Computing System (UCS) uses the same privilege level for execution of every script, which allows local users to gain privileges and execute arbitrary commands via an unspecified script-execution approach, aka Bug ID CSCtq86477.

  • CVE-2012-4105Oct 13, 2013
    risk 0.00cvss epss 0.00

    The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service (component crash) via crafted "debug hardware" parameters, aka Bug ID CSCtq86468.

  • CVE-2012-4084Oct 5, 2013
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in the web-management interface in the fabric interconnect (FI) component in Cisco Unified Computing System (UCS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCtg20755.

  • CVE-2012-4136Oct 3, 2013
    risk 0.00cvss epss 0.01

    The high-availability service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) does not properly bind the cluster service to the management interface, which allows remote attackers to obtain sensitive information or cause a denial of service…

  • CVE-2012-4111Oct 2, 2013
    risk 0.00cvss epss 0.00

    The create certreq command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86563.

  • CVE-2012-4110Oct 2, 2013
    risk 0.00cvss epss 0.00

    run-script in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86560.

  • CVE-2012-4109Oct 2, 2013
    risk 0.00cvss epss 0.00

    The clear sshkey command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86559.

  • CVE-2012-4104Oct 2, 2013
    risk 0.00cvss epss 0.00

    Absolute path traversal vulnerability in the image-download process in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to overwrite or delete arbitrary files via a full pathname in an image header, aka Bug ID CSCtq02706.

  • CVE-2012-4103Oct 2, 2013
    risk 0.00cvss epss 0.00

    ethanalyzer in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq02686.

  • CVE-2012-4102Oct 2, 2013
    risk 0.00cvss epss 0.00

    The activate firmware command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq02600.

  • CVE-2012-4095Oct 2, 2013
    risk 0.00cvss epss 0.00

    The local file editor in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges, and read or modify arbitrary files, via unspecified key bindings, aka Bug ID CSCtn04521.

  • CVE-2012-4096Oct 1, 2013
    risk 0.00cvss epss 0.00

    The local file editor in the Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and modify arbitrary fabric-interconnect files, in the context of a vi process, via unspecified commands, aka Bug ID CSCtn06574.

  • CVE-2012-1313Sep 27, 2013
    risk 0.00cvss epss 0.00

    The remote debug shell on the PALO adapter card in Cisco Unified Computing System (UCS) allows local users to gain privileges via malformed show-macstats parameters, aka Bug ID CSCub13772.

  • CVE-2012-4092Sep 26, 2013
    risk 0.00cvss epss 0.01

    The management interface in the Central Software component in Cisco Unified Computing System (UCS) does not properly validate the identity of vCenter consoles, which allows man-in-the-middle attackers to read or modify an inter-device data stream by spoofing an identity, aka Bug…

Page 5 of 7