Vulnerabilities > Cisco > Unified Computing System > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-21 | CVE-2021-34736 | Improper Input Validation vulnerability in Cisco Unified Computing System A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to cause the web-based management interface to unexpectedly restart. | 7.5 |
| 2021-02-24 | CVE-2021-1387 | Memory Leak vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 8.6 |
| 2021-02-24 | CVE-2021-1368 | Out-of-bounds Write vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. | 8.8 |
| 2019-08-30 | CVE-2019-1966 | Unspecified vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in a specific CLI command within the local management (local-mgmt) context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. | 7.2 |
| 2019-08-21 | CVE-2019-1900 | NULL Pointer Dereference vulnerability in Cisco products A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to cause the web server process to crash, causing a denial of service (DoS) condition on an affected system. | 7.8 |
| 2019-08-21 | CVE-2019-1883 | OS Command Injection vulnerability in Cisco products A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. | 7.2 |
| 2019-06-20 | CVE-2019-1879 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. | 7.2 |
| 2018-06-20 | CVE-2018-0314 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. | 7.5 |
| 2018-06-20 | CVE-2018-0312 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2018-06-20 | CVE-2018-0308 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. | 7.5 |