CVE-2019-1725 – Cisco UCS B-Series Blade Servers Local Management CLI Arbitrary File Creation or CLI Parameter Injection Vulnerability
https://notcve.org/view.php?id=CVE-2019-1725
A vulnerability in the local management CLI implementation for specific commands on the Cisco UCS B-Series Blade Servers could allow an authenticated, local attacker to overwrite an arbitrary file on disk. It is also possible the attacker could inject CLI command parameters that should not be allowed for a specific subset of local management CLI commands. The vulnerability is due to lack of proper input validation of user input for local management CLI commands. An attacker could exploit this vulnerability by authenticating to the device and issuing a crafted form of a limited subset of local management CLI commands. An exploit could allow the attacker to overwrite an arbitrary files on disk or inject CLI command parameters that should have been disabled. • http://www.securityfocus.com/bid/108082 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-ucs-cli-inj • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2018-0431 – Cisco Integrated Management Controller Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2018-0431
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. The vulnerability is due to insufficient validation of command input by the affected software. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to inject and execute arbitrary, system-level commands with root privileges on an affected device. Una vulnerabilidad en la interfaz de gestión web de Cisco Integrated Management Controller (IMC) Software podría permitir que un atacante remoto no autenticado inyecte y ejecute comandos arbitrarios con privilegios root en un dispositivo afectado. • http://www.securitytracker.com/id/1041686 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cimc-injection • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2018-0430 – Cisco Integrated Management Controller Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2018-0430
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. The vulnerability is due to insufficient validation of command input by the affected software. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to inject and execute arbitrary, system-level commands with root privileges on an affected device. Una vulnerabilidad en la interfaz de gestión web de Cisco Integrated Management Controller (IMC) Software podría permitir que un atacante remoto no autenticado inyecte y ejecute comandos arbitrarios con privilegios root en un dispositivo afectado. • http://www.securitytracker.com/id/1041686 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cimc-injection • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2017-12255
https://notcve.org/view.php?id=CVE-2017-12255
A vulnerability in the CLI of Cisco UCS Central Software could allow an authenticated, local attacker to gain shell access. The vulnerability is due to insufficient input validation of commands entered in the CLI, aka a Restricted Shell Break Vulnerability. An attacker could exploit this vulnerability by entering a specific command with crafted arguments. An exploit could allow the attacker to gain shell access to the underlying system. Cisco Bug IDs: CSCve70762. • http://www.securityfocus.com/bid/100932 http://www.securitytracker.com/id/1039412 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-ucs • CWE-20: Improper Input Validation •
CVE-2017-6633
https://notcve.org/view.php?id=CVE-2017-6633
A vulnerability in the TCP throttling process of Cisco UCS C-Series Rack Servers 3.0(0.234) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient rate-limiting protection. An attacker could exploit this vulnerability by sending a high rate of TCP SYN packets to a specific TCP listening port on an affected device. An exploit could allow the attacker to cause a specific TCP listening port to stop accepting new connections, resulting in a DoS condition. Cisco Bug IDs: CSCva65544. • http://www.securityfocus.com/bid/98525 http://www.securitytracker.com/id/1038513 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucsc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •