Page 2 of 10 results (0.004 seconds)

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

Cisco UCS Central Software 1.2(1a) allows local users to gain privileges for OS command execution via a crafted CLI parameter, aka Bug ID CSCut32795. Cisco UCS Central Software 1.2(1a) permite a usuarios locales ganar privilegios para la ejecución de comandos del sistema operativo a través de un parámetro CLI manipulado, también conocido como Bug ID CSCut32795. • http://tools.cisco.com/security/center/viewAlert.x?alertId=39324 http://www.securityfocus.com/bid/75205 http://www.securitytracker.com/id/1032584 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0

Cisco UCS Central Software before 1.3(1a) allows remote attackers to execute arbitrary commands via a crafted HTTP request, aka Bug ID CSCut46961. Cisco UCS Central Software en versiones anteriores a 1.3(1a) permite a atacantes remotos ejecutar comandos arbitrarios a través de una petición HTTP manipulada, también conocido como Bug ID CSCut46961. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150506-ucsc http://www.securityfocus.com/bid/74491 http://www.securitytracker.com/id/1032267 • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attackers to obtain sensitive information by reading log files, aka Bug ID CSCur99239. El subsistema Management en Cisco Unified Computing System 2.1(3f) y anteriores permite a atacantes remotos obtener información sensible mediante la lectura de ficheros del registro, también conocido como Bug ID CSCur99239. Cisco Unified Computing System Manager (UCSM) versions 1.3 through 2.2 sends local (UCSM) username and password hashes to the configured SYSLOG server every 12 hours. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8009 http://tools.cisco.com/security/center/viewAlert.x?alertId=36640 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998. Cisco Integrated Management Controller en Cisco Unified Computing System 2.2(2c)A y anteriores permite a usuarios locales obtener acceso de shell a través de un comando map-nfs manipulado, también conocido como Bug ID CSCup05998. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8003 http://tools.cisco.com/security/center/viewAlert.x?alertId=36562 • CWE-20: Improper Input Validation •

CVSS: 4.6EPSS: 0%CPEs: 17EXPL: 0

MCServer in the Cisco Management Controller in Cisco Unified Computing System (UCS) allows local users to cause a denial of service (application crash) via invalid MCTools parameters, aka Bug ID CSCtg20734. MCServer en Cisco Management Controller de Cisco Unified Computing System (UCS) permite a usuarios locales causar una denegación de servicio (cuelgue de aplicación) a través de parámetros inválidos de MCTools, tambien conocido como Bug ID CSCtg20734. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4081 http://www.securitytracker.com/id/1029065 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •