Vulnerabilities > Unisys > MCP Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-01-07 CVE-2019-18386 Improper Input Validation vulnerability in Unisys MCP Firmware
Systems management on Unisys ClearPath Forward Libra and ClearPath MCP Software Series can fault and have other unspecified impact when receiving specifically crafted message payloads over a systems management communication channel
network
unisys CWE-20
5.8
2017-09-30 CVE-2017-13684 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Unisys Mcp-Firmware
Unisys Libra 64xx and 84xx and FS601 class systems with MCP-FIRMWARE before 43.211 allow remote authenticated users to cause a denial of service (program crash) or have unspecified other impact via vectors related to incorrect literal handling, which trigger CPM stack corruption.
local
low complexity
unisys CWE-119
4.6
2017-02-03 CVE-2015-4049 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Unisys Mcp-Firmware 40.0
Unisys Libra 43xx, 63xx, and 83xx, and FS600 class systems with MCP-FIRMWARE 40.0 before 40.0IC4 Build 270 might allow remote authenticated users to cause a denial of service (data corruption or system crash) via vectors related to using program operators during EPSILON (level 5) based codefiles at peak memory usage, which triggers CPM stack corruption.
network
high complexity
unisys CWE-119
5.6