Vulnerabilities > Cisco > Unified Computing System > 2.0.base
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-21 | CVE-2021-34736 | Improper Input Validation vulnerability in Cisco Unified Computing System A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to cause the web-based management interface to unexpectedly restart. | 7.5 |
2021-02-24 | CVE-2021-1368 | Out-of-bounds Write vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. | 8.8 |
2018-10-05 | CVE-2018-0431 | Command Injection vulnerability in Cisco Unified Computing System 2.0Base/3.0(3A)/3.1(3) A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. | 9.0 |
2018-10-05 | CVE-2018-0430 | Command Injection vulnerability in Cisco Unified Computing System 2.0Base/3.0(3A)/3.1(3) A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. | 9.0 |
2016-01-22 | CVE-2015-6435 | OS Command Injection vulnerability in Cisco products An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System (UCS) Manager before 2.2(4b), 2.2(5) before 2.2(5a), and 3.0 before 3.0(2e) allows remote attackers to execute arbitrary shell commands via a crafted HTTP request, aka Bug ID CSCur90888. | 10.0 |
2014-12-10 | CVE-2014-8009 | Information Exposure vulnerability in Cisco Unified Computing System The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attackers to obtain sensitive information by reading log files, aka Bug ID CSCur99239. | 5.0 |
2014-12-10 | CVE-2014-8003 | Improper Input Validation vulnerability in Cisco Unified Computing System Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998. | 7.2 |