Vulnerabilities > Cisco > Unified Computing System Director > 6.0.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-07 | CVE-2017-3817 | Incorrect Authorization vulnerability in Cisco Unified Computing System Director 5.5.0.1/6.0.0.0 A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in a UCS domain. | 4.0 |
| 2017-03-17 | CVE-2017-3868 | Cross-site Scripting vulnerability in Cisco Unified Computing System Director 6.0(0.0) A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2017-02-15 | CVE-2017-3801 | Incorrect Authorization vulnerability in Cisco Unified Computing System Director 6.0.0.0/6.0.0.1 A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and 6.0.0.1 could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile, a Privilege Escalation Vulnerability. | 4.6 |