VYPR

Ucs Director

by Cisco Systems, Inc.

CVEs (26)

  • CVE-2020-3243CriApr 15, 2020
    risk 0.74cvss 9.8epss 0.88

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2019-1937CriAug 21, 2019
    risk 0.73cvss 9.8epss 0.76

    A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to acquire a valid session token with administrator…

  • CVE-2019-1935CriAug 21, 2019
    risk 0.73cvss 9.8epss 0.83

    A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account (scpuser), which…

  • CVE-2020-3250CriApr 15, 2020
    risk 0.72cvss 9.8epss 0.60

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2020-3248CriApr 15, 2020
    risk 0.70cvss 9.8epss 0.74

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2020-3247CriApr 15, 2020
    risk 0.70cvss 9.8epss 0.75

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2019-1974CriAug 21, 2019
    risk 0.64cvss 9.8epss 0.04

    A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass user authentication and gain access as an…

  • CVE-2019-1938CriAug 21, 2019
    risk 0.64cvss 9.8epss 0.05

    A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. The…

  • CVE-2020-3239HigApr 15, 2020
    risk 0.63cvss 8.8epss 0.74

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2020-3251HigApr 15, 2020
    risk 0.62cvss 8.8epss 0.62

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2019-1936HigAug 21, 2019
    risk 0.53cvss 7.2epss 0.39

    A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux…

  • CVE-2020-3249HigApr 15, 2020
    risk 0.51cvss 7.5epss 0.23

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2020-3240HigApr 15, 2020
    risk 0.51cvss 7.3epss 0.39

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2020-3252MedApr 15, 2020
    risk 0.43cvss 6.5epss 0.05

    Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the…

  • CVE-2020-3241MedJun 18, 2020
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the orchestration tasks of Cisco UCS Director could allow an authenticated, remote attacker to perform a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input on the web-based management…

  • CVE-2018-15405MedOct 5, 2018
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the web interface for specific feature sets of Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to an authorization check that…

  • CVE-2018-15404MedOct 5, 2018
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient…

  • CVE-2018-15406MedOct 5, 2018
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due…

  • CVE-2018-0219MedMar 8, 2018
    risk 0.40cvss 6.1epss 0.02

    A vulnerability in the web-based management interface of Cisco Unified Computing System (UCS) Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2019-16003MedJan 26, 2020
    risk 0.35cvss 5.3epss 0.01

    A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to download system log files from an affected device. The vulnerability is due to an issue in the authentication logic of the web-based management…

Page 1 of 2