Multiple Vulnerabilities in Cisco Unified Computing System
cisco-sa-20130424-ucsmulti · Critical · Published · Updated
Managed and standalone Cisco Unified Computing System (UCS) deployments contain one or more of the vulnerabilities: Cisco Unified Computing System LDAP User Authentication Bypass Vulnerability Cisco Unified Computing System IPMI Buffer Overflow Vulnerability Cisco Unified Computing Management API Denial of Service Vulnerability Cisco Unified Computing System Information Disclosure Vulnerability Cisco Unified Computing System KVM Authentication Bypass Vulnerability Cisco has released software updates that address these vulnerabilities. These vulnerabilities affect only Cisco UCS. Additional vulnerabilities that affect the NX-OS base operating system of UCS are described in Multiple Vulnerabilities in Cisco NX-OS-Based Products. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti
Base 9.3 Base 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C Base 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C Base 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C Base 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C
Product Names From Source
Cisco Unified Computing System (Managed), Cisco Unified Computing System (Standalone)