Vulnerabilities > Cisco > UCS 6332 16Up Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-02-23 CVE-2023-20015 OS Command Injection vulnerability in Cisco products
A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands.
local
low complexity
cisco CWE-78
6.7
2023-02-23 CVE-2023-20016 Use of Insufficiently Random Values vulnerability in Cisco products
A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files.
local
low complexity
cisco CWE-330
6.5