CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4108
https://notcve.org/view.php?id=CVE-2012-4108
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary operating-system commands via crafted parameters to a file-related command, aka Bug ID CSCtq86554. El componente fabric-interconnect en Cisco Unified Computing System (UCS) permite a usuarios locales obtener privilegios y ejecutar comandos arbitrarios a través de parámetros manipulados a un comando file-related, también conocido como Bug ID CSCtq86554. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4108 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4107
https://notcve.org/view.php?id=CVE-2012-4107
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary commands via crafted parameters to a file-related command, aka Bug ID CSCtq86489. El componente fabric-interconnect de Cisco Unified Computing System (UCS) permite a usuarios locales conseguir privilegios y ejecutar comandos arbitrarios a través de parámetros diseñados con un comando file-related, también conocido como Bug ID CSCtq86489. • http://osvdb.org/98355 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4107 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4106
https://notcve.org/view.php?id=CVE-2012-4106
The fabric-interconnect component in Cisco Unified Computing System (UCS) uses the same privilege level for execution of every script, which allows local users to gain privileges and execute arbitrary commands via an unspecified script-execution approach, aka Bug ID CSCtq86477. El componente fabric-interconnect en Cisco Unified Computing System (UCS) usa el mismo nivel de privilegio para la ejecución de cada script, lo que permite a usuarios locales obtener privilegios y ejecutar comandos arbitrarios a través de un enfoque script-execution, también conocido como Bug ID CSCtq86477. • http://osvdb.org/98354 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4106 http://www.securityfocus.com/bid/62981 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4105
https://notcve.org/view.php?id=CVE-2012-4105
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service (component crash) via crafted "debug hardware" parameters, aka Bug ID CSCtq86468. El componente fabric-interconnect en Cisco Unified Computing System (UCS) permite a usuarios locales provocar una denegación de servicio (cuelgue del componente) a través de parámetros "debug hardware" manipulados, también conocido como Bug ID CSCtq86468. • http://osvdb.org/98437 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4105 http://www.securityfocus.com/bid/62980 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4084
https://notcve.org/view.php?id=CVE-2012-4084
Cross-site request forgery (CSRF) vulnerability in the web-management interface in the fabric interconnect (FI) component in Cisco Unified Computing System (UCS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCtg20755. Vulnerabilidad de CSRF en la interfaz web-management del componente interconectador de fábrica (FI) en Cisco Unified Computing System (UCS) permite a atacantes remotos secuestrar la autenticación de usuarios arbitrarios, también conocido como Bug ID CSCtg20755. • http://osvdb.org/98125 http://secunia.com/advisories/55203 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4084 http://www.securityfocus.com/bid/62851 https://exchange.xforce.ibmcloud.com/vulnerabilities/87679 • CWE-352: Cross-Site Request Forgery (CSRF) •