VYPR

UCS Manager Software

by Cisco Systems, Inc.

CVEs (17)

  • CVE-2015-6435CriJan 22, 2016
    risk 0.64cvss 9.8epss 0.09

    An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System (UCS) Manager before 2.2(4b), 2.2(5) before 2.2(5a), and 3.0 before 3.0(2e) allows remote attackers to execute arbitrary shell commands via a crafted HTTP request,…

  • CVE-2020-3173HigFeb 26, 2020
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) on an affected device. The vulnerability is due to insufficient input…

  • CVE-2020-3171HigFeb 26, 2020
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to…

  • CVE-2020-3167HigFeb 26, 2020
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could…

  • CVE-2016-6402HigSep 18, 2016
    risk 0.51cvss 7.8epss 0.00

    UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263.

  • CVE-2025-20317HigAug 27, 2025
    risk 0.46cvss 7.1epss 0.00

    A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to redirect a user to a malicious website. This vulnerability is due to insufficient verification…

  • CVE-2026-20099MedFeb 25, 2026
    risk 0.44cvss 6.7epss 0.01

    A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges…

  • CVE-2026-20036MedFeb 25, 2026
    risk 0.42cvss 6.5epss 0.00

    A vulnerability in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with valid administrative privileges to execute arbitrary commands on the underlying operating system of an affected device. …

  • CVE-2025-20294MedAug 27, 2025
    risk 0.42cvss 6.5epss 0.01

    Multiple vulnerabilities in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. …

  • CVE-2023-20016MedFeb 23, 2023
    risk 0.41cvss 6.3epss 0.00

    A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and…

  • CVE-2025-20295MedAug 27, 2025
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in the CLI of Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to read or create a file or overwrite any file on the file system of the underlying operating system of an affected device, including system…

  • CVE-2025-20342MedAug 27, 2025
    risk 0.35cvss 5.4epss 0.00

    A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting (XSS) attack against a user of the…

  • CVE-2025-20296MedAug 27, 2025
    risk 0.35cvss 5.4epss 0.00

    A vulnerability in the web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of…

  • CVE-2026-20091MedFeb 25, 2026
    risk 0.31cvss 4.8epss 0.00

    A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to…

  • CVE-2026-20037MedFeb 25, 2026
    risk 0.29cvss 4.4epss 0.00

    A vulnerability in the NX-OS CLI privilege levels of Cisco UCS Manager Software could allow an authenticated, local attacker with read-only privileges to modify files and perform unauthorized actions on an affected system. This vulnerability exists because unnecessary…

  • CVE-2021-1592MedAug 25, 2021
    risk 0.28cvss 4.3epss 0.01

    A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An…

  • CVE-2020-3504LowAug 27, 2020
    risk 0.21cvss 3.3epss 0.00

    A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An…