Cisco Unified Computing System Multiple Vulnerabilities

2013-04-24 / 2013-05-01
Credit: CISCO
Risk: High
Local: No
Remote: Yes
CVE: CVE-2013-1198 | CVE-2013-1186 | CVE-2013-1185 | CVE-2013-1184 | CVE-2013-1183 | CVE-2013-1182
CWE: CWE-20
CWE-79
CWE-119

Multiple Vulnerabilities in Cisco Unified Computing System Advisory ID: cisco-sa-20130424-ucsmulti Revision 1.0 For Public Release 2013 April 24 16:00 UTC (GMT) +--------------------------------------------------------------------- Summary ======= Managed and standalone Cisco Unified Computing System (UCS) deployments contain one or more of the vulnerabilities: * Cisco Unified Computing System LDAP User Authentication Bypass Vulnerability * Cisco Unified Computing System IPMI Buffer Overflow Vulnerability * Cisco Unified Computing Management API Denial of Service Vulnerability * Cisco Unified Computing System Information Disclosure Vulnerability * Cisco Unified Computing System KVM Authentication Bypass Vulnerability Cisco has released free software updates that address these vulnerabilities. These vulnerabilities affect only Cisco UCS. Additional vulnerabilities that affect the NX-OS base operating system of UCS are described in Multiple Vulnerabilities in Cisco NX-OS-Based Products. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti

References:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top