Vulnerabilities > Cisco > Unified Computing System Integrated Management Controller
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-04-25 | CVE-2013-1186 | Improper Authentication vulnerability in Cisco products Cisco Unified Computing System (UCS) 1.x before 1.4(4) and 2.x before 2.0(2m) allows remote attackers to bypass KVM authentication via a crafted authentication request to a Cisco Integrated Management Controller (IMC), aka Bug ID CSCts53746. | 7.5 |
2013-04-25 | CVE-2013-1185 | Information Exposure vulnerability in Cisco products The web interface in the Manager component in Cisco Unified Computing System (UCS) 1.x and 2.x before 2.0(2m) allows remote attackers to obtain sensitive information by reading a (1) technical-support bundle file or (2) on-device configuration backup, aka Bug ID CSCtq86543. | 9.3 |
2013-04-25 | CVE-2013-1184 | Improper Input Validation vulnerability in Cisco products The management API in the XML API management service in the Manager component in Cisco Unified Computing System (UCS) 1.x before 1.2(1b) allows remote attackers to cause a denial of service (service outage) via a malformed request, aka Bug ID CSCtg48206. | 7.8 |
2013-04-25 | CVE-2013-1182 | Permissions, Privileges, and Access Controls vulnerability in Cisco products The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207. | 9.3 |