Vulnerabilities > Cisco > Unified Computing System > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-07-20 | CVE-2015-4279 | OS Command Injection vulnerability in Cisco Unified Computing System 2.2(3B) The Manager component in Cisco Unified Computing System (UCS) 2.2(3b) on B Blade Server devices allows local users to gain privileges for executing arbitrary CLI commands by leveraging access to the subordinate fabric interconnect, aka Bug ID CSCut32778. | 7.2 |
| 2015-06-17 | CVE-2015-4183 | OS Command Injection vulnerability in Cisco Unified Computing System 1.2(1A) Cisco UCS Central Software 1.2(1a) allows local users to gain privileges for OS command execution via a crafted CLI parameter, aka Bug ID CSCut32795. | 7.2 |
| 2014-12-10 | CVE-2014-8003 | Improper Input Validation vulnerability in Cisco Unified Computing System Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998. | 7.2 |
| 2013-09-24 | CVE-2012-4078 | Improper Authentication vulnerability in Cisco Unified Computing System The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) does not properly handle SSH escape sequences, which allows remote authenticated users to bypass an unspecified authentication step via SSH port forwarding, aka Bug ID CSCtg17656. | 8.5 |