CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4136
https://notcve.org/view.php?id=CVE-2012-4136
The high-availability service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) does not properly bind the cluster service to the management interface, which allows remote attackers to obtain sensitive information or cause a denial of service (peer-syncing outage) via a TELNET connection, aka Bug ID CSCtz72910. El servicio de alta disponibilidad en el componente Fabric Interconnect de Cisco Unified Computing System (UCS) no enlaza adecuadamente el servicio cluster al interface de gestión, lo que permite a atacantes remotos obtener información sensible o causar una denegación de servicio (corte en la sincronización de peers) a través de una conexión TELNET, tambien conocido como Bug ID CSCtz72910. • http://secunia.com/advisories/54171 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVS-2012-4136 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4102
https://notcve.org/view.php?id=CVE-2012-4102
The activate firmware command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq02600. El comando activar firmware en el component fabric-interconnect en Cisco Unified Computing System (UCS) permite a usuarios locales ganar privilegios insertando comandos en un parámetro sin especificar . Conocido como Bug ID CSCtq02600. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4102 • CWE-20: Improper Input Validation •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4104
https://notcve.org/view.php?id=CVE-2012-4104
Absolute path traversal vulnerability in the image-download process in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to overwrite or delete arbitrary files via a full pathname in an image header, aka Bug ID CSCtq02706. Salto de directorio completo en el proceso image-download en el componente fabric-interconnect en Cisco Unified Computing System (UCS) permite a usuarios locales sobreescribir o eliminar archivos arbitrarios a través de una ruta completa en un encabezado de imagen, aka Bug ID CSCtq02706. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4104 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4110
https://notcve.org/view.php?id=CVE-2012-4110
run-script in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86560. run-script en el componente fabric-interconnect de Cisco Computing System (UCS) permite a usuarios locales ganar privilegios incluyendo comandos en un parámetro sin especificar .Conocido como Bug ID CSCtq86560. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4110 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4103
https://notcve.org/view.php?id=CVE-2012-4103
ethanalyzer in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq02686. El componente etheranalyzer en el componente fabric-interconnect permite a usuarios locales ganar privilegios incluyendo comandos en un parámetro sin especifiacar.Conocido como Bug ID CSCtq02686. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4103 • CWE-20: Improper Input Validation •