CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4088
https://notcve.org/view.php?id=CVE-2012-4088
The FTP server in Cisco Unified Computing System (UCS) has a hardcoded password for an unspecified user account, which makes it easier for remote attackers to read or modify files by leveraging knowledge of this password, aka Bug ID CSCtg20769. El servidor FTP en Cisco Unified Computing System (UCS) tiene una contraseña incrustada para una cuenta específica de usuario, lo cual facilita a los atacantes remotos leer o modificar ficheros mediante el aprovechamiento del conocimiento de esta clave, aka Bug ID CSCtg20769. • http://secunia.com/advisories/54682 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4088 http://www.securitytracker.com/id/1029102 • CWE-255: Credentials Management Errors •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4079
https://notcve.org/view.php?id=CVE-2012-4079
The XML API service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) allows remote attackers to cause a denial of service (API service outage) via a malformed XML document in a packet, aka Bug ID CSCtg48206. El servicio XMLAPI en el componente Fabric Interconnect de Cisco Unified Computing System (UCS) permite a atacantes remotos causar denegación de servicio (agotamiento de servicio API) a través de un documento XML malformado en un paquete, también conocido como Bug ID CSCtg48206. • http://secunia.com/advisories/54879 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4079 • CWE-20: Improper Input Validation •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4092
https://notcve.org/view.php?id=CVE-2012-4092
The management interface in the Central Software component in Cisco Unified Computing System (UCS) does not properly validate the identity of vCenter consoles, which allows man-in-the-middle attackers to read or modify an inter-device data stream by spoofing an identity, aka Bug ID CSCtk00683. La interfaz de gestión en el componente Central Software de Cisco Unified Computing System (UCS) no valida correctamente la identidad de consolas vCenter, lo cual permite a atacantes man-in-the-middle leer o modificar un flujo de datos entre dispositivos falseando una identidad, también conocido como Bug ID CSCtk00683. • http://secunia.com/advisories/55034 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4092 • CWE-20: Improper Input Validation •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4086
https://notcve.org/view.php?id=CVE-2012-4086
A setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20790. Una secuencia de comandos de instalación para dispositivos "fabric interconnect" en Cisco Unified Computing System (UCS) permite a atacantes remotos ejecutar comandos arbitrarios a través de parámetros inválidos, aka Bug ID CSCtg20790. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4086 http://www.securitytracker.com/id/1029083 https://exchange.xforce.ibmcloud.com/vulnerabilities/87368 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.5EPSS: 0%CPEs: 4EXPL: 0CVE-2012-4078
https://notcve.org/view.php?id=CVE-2012-4078
The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) does not properly handle SSH escape sequences, which allows remote authenticated users to bypass an unspecified authentication step via SSH port forwarding, aka Bug ID CSCtg17656. El Baseboard Management Controller (BMC) en Cisco Unified Computing System (UCS) no maneja correctamente secuencias de escape SSH, lo cual permite a usuarios autenticados remotamente saltarse un paso no especificado de autentificación a través del reenvío de puertos SSH, aka Bug ID CSCtg17656. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4078 http://www.securitytracker.com/id/1029084 https://exchange.xforce.ibmcloud.com/vulnerabilities/87367 • CWE-287: Improper Authentication •