Vulnerabilities > Cisco > UCS 64108 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-02-23 CVE-2023-20012 Improper Authentication vulnerability in Cisco products
A vulnerability in the CLI console login authentication of Cisco Nexus 9300-FX3 Series Fabric Extender (FEX) when used in UCS Fabric Interconnect deployments could allow an unauthenticated attacker with physical access to bypass authentication.
low complexity
cisco CWE-287
4.6
2023-02-23 CVE-2023-20015 OS Command Injection vulnerability in Cisco products
A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands.
local
low complexity
cisco CWE-78
6.7
2023-02-23 CVE-2023-20016 Use of Insufficiently Random Values vulnerability in Cisco products
A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files.
local
low complexity
cisco CWE-330
6.5