CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4082
https://notcve.org/view.php?id=CVE-2012-4082
MCTools in the Cisco Management Controller in Cisco Unified Computing System (UCS) allows local users to gain privileges by entering crafted command-line parameters on a Fabric Interconnect device, aka Bug ID CSCtg20749. MCTools en Cisco Management Controller en Cisco Unified Computing System (UCS) permite a usuarios locales conseguir privilegios mediante la introducción por línea de comandos de parámetros manipulados en un dispositivo Fabric Interconnect, aka Bug ID CSCtg20749. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4082 http://www.securitytracker.com/id/1029062 https://exchange.xforce.ibmcloud.com/vulnerabilities/87337 • CWE-20: Improper Input Validation •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4074
https://notcve.org/view.php?id=CVE-2012-4074
The Board Management Controller (BMC) in the Serial over LAN (SoL) subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded private key, which allows man-in-the-middle attackers to obtain sensitive information or modify the data stream by leveraging knowledge of this key, aka Bug ID CSCte90338. El Board Management Controller (BMC) en el subsistema Serial over LAN (SoL) de Cisco Unified Computing System (UCS) se basa en una clave privada embebida que posibilita a atacantes man-in-middle obtener información sensible o modificar el flujo de datos aprovechando el conocimiento de esta clave. Conocido BIG ID CSCte90338. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4074 http://www.securitytracker.com/id/1029073 • CWE-255: Credentials Management Errors •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4073
https://notcve.org/view.php?id=CVE-2012-4073
The KVM subsystem in the client in Cisco Unified Computing System (UCS) does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers, and read or modify KVM data, via a crafted certificate, aka Bug ID CSCte90332. El subsistema KVM (en el cliente) de Cisco Unified Computing System (UCS) no verifica apropiadamente los certificados X.509 desde servidores SSL, lo que permite a atacantes man-in-the-middle falsear servidores, y leer o modificar datos del KVM, a través de certificados manipulados. Tambien conocido como Bug ID CSCte90332. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4073 http://www.securitytracker.com/id/1029068 • CWE-310: Cryptographic Issues •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4093
https://notcve.org/view.php?id=CVE-2012-4093
The Manager component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service via an invalid Smart Call Home contact address, aka Bug ID CSCtl00186. El componente Manager en Cisco Unified Computing System (UCS) permite a usuarios locales causar una denegación de servicio a través de una dirección de contacto "Llamada a Casa Inteligente" inválida , tambien conocido como Bug ID CSCtl00186. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4093 http://www.securitytracker.com/id/1029074 • CWE-20: Improper Input Validation •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4083
https://notcve.org/view.php?id=CVE-2012-4083
Multiple buffer overflows in the administrative web interface in Cisco Unified Computing System (UCS) allow remote authenticated users to cause a denial of service (memory corruption and session termination) via long string values for unspecified parameters, aka Bug ID CSCtg20751. Múltiples desbordamientos de búfer en la interfaz Web administrativa de Cisco Unified Computing System (UCS) permite a usuarios remotos autenticados ocasionar una denegación de servicio (corrupción de memoria y fin de sesión) a través de valores de cadena largos en parametros sin especificar, aka Bug ID CSCtg20751. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4083 http://www.securitytracker.com/id/1029066 https://exchange.xforce.ibmcloud.com/vulnerabilities/87338 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •