NotCVE - vendor:"Cisco" product:"Ucs Director Express For Big Data" version:"3.7.0.0"

16 results (0.007 seconds)

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-3329 – Cisco IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Role-Based Access Control Vulnerability

https://notcve.org/view.php?id=CVE-2020-3329

06 May 2020 — A vulnerability in role-based access control of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow a read-only authenticated, remote attacker to disable user accounts on an affected system. The vulnerability is due to incorrect allocation of the enable/disable action button under the role-based access control code on an affected system. An attacker could exploit this vulnerability by authenticating as a read-only user and then... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-Ar6BAguz • CWE-284: Improper Access Control •

CVSS: 9.8EPSS: 9%CPEs: 19EXPL: 0

CVE-2020-3252 – Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data

https://notcve.org/view.php?id=CVE-2020-3252

15 Apr 2020 — Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en la API REST de Cisco UCS Director y Cisco UCS Director Express para Big Data, pueden permitir a un atacante remoto omitir la autenticación o conducir ataques de salto d... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.8EPSS: 36%CPEs: 19EXPL: 0

CVE-2020-3251 – Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data

https://notcve.org/view.php?id=CVE-2020-3251

CVSS: 9.8EPSS: 89%CPEs: 19EXPL: 1

CVE-2020-3250 – Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data

https://notcve.org/view.php?id=CVE-2020-3250

15 Apr 2020 — Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en la API REST de Cisco UCS Director y Cisco UCS Director Express para Big Data, pueden permitir a un atacante remoto omitir la autenticación o conducir ataques de salto d... • https://packetstorm.news/files/id/157955 • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •

CVSS: 9.8EPSS: 26%CPEs: 19EXPL: 0

CVE-2020-3249 – Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data

https://notcve.org/view.php?id=CVE-2020-3249

CVSS: 10.0EPSS: 46%CPEs: 19EXPL: 0

CVE-2020-3248 – Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data

https://notcve.org/view.php?id=CVE-2020-3248

CVSS: 10.0EPSS: 46%CPEs: 19EXPL: 0

CVE-2020-3247 – Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data

https://notcve.org/view.php?id=CVE-2020-3247

CVSS: 9.8EPSS: 84%CPEs: 19EXPL: 1

CVE-2020-3243 – Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data

https://notcve.org/view.php?id=CVE-2020-3243

15 Apr 2020 — Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en la API REST de Cisco UCS Director y Cisco UCS Director Express para Big Data, pueden permitir a un atacante remoto omitir la autenticación o conducir ataques de salto d... • https://packetstorm.news/files/id/157955 • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •

CVSS: 9.8EPSS: 38%CPEs: 19EXPL: 0

CVE-2020-3240 – Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data

https://notcve.org/view.php?id=CVE-2020-3240

CVSS: 9.8EPSS: 45%CPEs: 19EXPL: 0

CVE-2020-3239 – Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data

https://notcve.org/view.php?id=CVE-2020-3239

1 2