CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6415
https://notcve.org/view.php?id=CVE-2015-6415
Cisco Unified Computing System (UCS) 2.2(3f)A on Fabric Interconnect 6200 devices allows remote attackers to cause a denial of service (CPU consumption or device outage) via a SYN flood on the SSH port during the booting process, aka Bug ID CSCuu81757. Cisco Unified Computing System (UCS) 2.2(3f)A en dispositivos Fabric Interconnect 6200 permite a atacantes remotos provocar una denegación de servicio (consumo de CPU o interrupción de dispositivo) a través de una inundación SYN en el puerto SSH durante el proceso de arranque, también conocido como Bug ID CSCuu81757. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-ucs http://www.securityfocus.com/bid/85711 http://www.securitytracker.com/id/1034381 • CWE-399: Resource Management Errors •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6387
https://notcve.org/view.php?id=CVE-2015-6387
Cross-site scripting (XSS) vulnerability in Cisco Unified Computing System (UCS) Central Software 1.3(0.1) allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCux33573. Vulnerabilidad de XSS en Cisco Unified Computing System (UCS) Central Software 1.3 (0.1) permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de un valor manipulado en una URL, también conocida como Bug ID CSCux33573. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151201-ucs http://www.securitytracker.com/id/1034275 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6388
https://notcve.org/view.php?id=CVE-2015-6388
Cisco Unified Computing System (UCS) Central software 1.3(0.1) allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted request, aka Bug ID CSCux33575. Cisco Unified Computing System (UCS) Central software 1.3 (0.1) permite a atacantes remotos llevar a cabo ataques Server-Side Request Forgery (SSRF) a través de una petición manipulada, también conocida como Bug ID CSCux33575. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151201-ucs1 http://www.securityfocus.com/bid/78870 http://www.securitytracker.com/id/1034380 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6355
https://notcve.org/view.php?id=CVE-2015-6355
The web interface in Cisco Unified Computing System (UCS) 2.2(5b)A on blade servers allows remote attackers to obtain potentially sensitive version information by visiting an unspecified URL, aka Bug ID CSCuw87226. La interfaz web en Cisco Unified Computing System (UCS) 2.2(5b)A en servidores blade permite a atacantes remotos obtener información potencialmente sensible sobre la versión al visitar una URL no especificada, también conocido como Bug ID CSCuw87226. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151102-ucs http://www.securitytracker.com/id/1034042 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.4EPSS: 0%CPEs: 11EXPL: 0CVE-2015-6259
https://notcve.org/view.php?id=CVE-2015-6259
The JavaServer Pages (JSP) component in Cisco Integrated Management Controller (IMC) Supervisor before 1.0.0.1 and UCS Director (formerly Cloupia Unified Infrastructure Controller) before 5.2.0.1 allows remote attackers to write to arbitrary files via crafted HTTP requests, aka Bug IDs CSCus36435 and CSCus62625. Vulnerabilidad en el componente JavaServer Pages (JSP) en Cisco Integrated Management Controller (IMC) Supervisor en versiones anteriores a 1.0.0.1 y UCS Director (anteriormente Cloupia Unified Infrastructure Controller) en versiones anteriores a 5.2.0.1, permite a atacantes remotos escribir en archivos arbitrarios a través de peticiones HTTP manipuladas, también conocida como Bug IDs CSCus36435 y CSCus62625. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150902-cimcs http://www.securitytracker.com/id/1033451 • CWE-20: Improper Input Validation •