Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Cisco Unified Computing System
Опубликовано:6 мая 2013 г.
Источник:
SecurityVulns ID:13056
Тип:удаленная
Уровень опасности:
8/10
Описание:Переполнение буфера, утечка информации, DoS условия, обход аутентификации.
Затронутые продукты:CISCO : Unified Computing System 6100
 CISCO : Unified Computing System 6200
CVE:CVE-2013-1186 (Cisco Unified Computing System (UCS) 1.x before 1.4(4) and 2.x before 2.0(2m) allows remote attackers to bypass KVM authentication via a crafted authentication request to a Cisco Integrated Management Controller (IMC), aka Bug ID CSCts53746.)
 CVE-2013-1185 (The web interface in the Manager component in Cisco Unified Computing System (UCS) 1.x and 2.x before 2.0(2m) allows remote attackers to obtain sensitive information by reading a (1) technical-support bundle file or (2) on-device configuration backup, aka Bug ID CSCtq86543.)
 CVE-2013-1184 (The management API in the XML API management service in the Manager component in Cisco Unified Computing System (UCS) 1.x before 1.2(1b) allows remote attackers to cause a denial of service (service outage) via a malformed request, aka Bug ID CSCtg48206.)
 CVE-2013-1183 (Buffer overflow in the Intelligent Platform Management Interface (IPMI) functionality in the Manager component in Cisco Unified Computing System (UCS) 1.0 and 1.1 before 1.1(1j) and 1.2 before 1.2(1b) allows remote attackers to execute arbitrary code via malformed data in a UDP packet, aka Bug ID CSCtd32371.)
 CVE-2013-1182 (The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207.)
Файлы:Multiple Vulnerabilities in Cisco Unified Computing System

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород