Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-09-26 | CVE-2012-4079 | Improper Input Validation vulnerability in Cisco Unified Computing System The XML API service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) allows remote attackers to cause a denial of service (API service outage) via a malformed XML document in a packet, aka Bug ID CSCtg48206. | 5.0 |
| 2013-09-25 | CVE-2012-4086 | Command Injection vulnerability in Cisco Unified Computing System A setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20790. | 5.1 |
| 2013-09-24 | CVE-2012-4094 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Unified Computing System Buffer overflow in the Smart Call Home feature in the fabric interconnect in Cisco Unified Computing System (UCS) allows remote attackers to cause a denial of service by reading and forging control messages associated with Smart Call Home reports, aka Bug ID CSCtl00198. | 5.4 |
| 2013-09-24 | CVE-2012-4089 | Improper Input Validation vulnerability in Cisco Unified Computing System MCTOOLS in the fabric interconnect in Cisco Unified Computing System (UCS) allows local users to execute arbitrary Baseboard Management Controller (BMC) commands by leveraging (1) local, (2) shell-level, or (3) debug-level privileges at the operating-system layer, aka Bug ID CSCtg76239. | 6.6 |
| 2013-09-24 | CVE-2012-4087 | Improper Input Validation vulnerability in Cisco Unified Computing System A cluster setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20793. | 5.1 |
| 2013-09-24 | CVE-2012-4085 | Improper Input Validation vulnerability in Cisco Unified Computing System The Intelligent Platform Management Interface (IPMI) implementation in the Blade Management Controller in Cisco Unified Computing System (UCS) allows remote attackers to enumerate valid usernames by observing IPMI interface responses, aka Bug ID CSCtg20761. | 5.0 |
| 2013-09-24 | CVE-2012-4078 | Improper Authentication vulnerability in Cisco Unified Computing System The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) does not properly handle SSH escape sequences, which allows remote authenticated users to bypass an unspecified authentication step via SSH port forwarding, aka Bug ID CSCtg17656. | 8.5 |
| 2013-09-23 | CVE-2013-5502 | Permissions, Privileges, and Access Controls vulnerability in Cisco Mediasense The web interface in Cisco MediaSense does not properly protect the client-server communication channel, which allows remote attackers to obtain sensitive query string or cookie information via unspecified vectors, aka Bug ID CSCuj23344. | 5.0 |
| 2013-09-23 | CVE-2013-5490 | Information Exposure vulnerability in Cisco Prime Data Center Network Manager Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary text files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCud80148. | 7.8 |
| 2013-09-23 | CVE-2013-5487 | Information Exposure vulnerability in Cisco Prime Data Center Network Manager DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCue77029. | 7.8 |