UCS

CVEs (3)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2017-12857	Polycom UCS	Hig	0.57	8.8	0.00	Aug 25, 2017	Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by a vulnerability in their UCS web application. This vulnerability could allow an authenticated remote attacker to read a…
CVE-2023-38994	Polycom UCS		0.00	—	0.00	Oct 31, 2023	The 'check_univention_joinstatus' prometheus monitoring script (and other scripts) in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list allowing attackers with local ssh access to gain higher privileges and perform followup attacks. By…
CVE-2012-4086	Cisco Systems, Inc. Unified Computing System		0.00	—	0.01	Sep 25, 2013	A setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20790.

CVE-2017-12857HigAug 25, 2017
Polycom
UCS
risk 0.57cvss 8.8epss 0.00
Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by a vulnerability in their UCS web application. This vulnerability could allow an authenticated remote attacker to read a…
CVE-2023-38994Oct 31, 2023
Polycom
UCS
risk 0.00cvss —epss 0.00
The 'check_univention_joinstatus' prometheus monitoring script (and other scripts) in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list allowing attackers with local ssh access to gain higher privileges and perform followup attacks. By…
CVE-2012-4086Sep 25, 2013
Cisco Systems, Inc.
Unified Computing System
risk 0.00cvss —epss 0.01
A setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20790.