Vulnerabilities > Cisco > UCS E180D M3 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-08-16 CVE-2023-20228 Cross-site Scripting vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input.
network
low complexity
cisco CWE-79
6.1
2021-05-06 CVE-2021-1397 Unspecified vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
network
low complexity
cisco
6.1
2018-06-21 CVE-2018-0362 Improper Authentication vulnerability in Cisco products
A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing (UCS) E-Series Servers could allow an unauthenticated, local attacker to bypass the BIOS authentication and execute actions as an unprivileged user.
low complexity
cisco CWE-287
4.3