Skip to main content
CVE-2012-4089 MEDIUM This Month

MCTOOLS in the fabric interconnect in Cisco Unified Computing System (UCS) allows local users to execute arbitrary Baseboard Management Controller (BMC) commands by leveraging (1) local, (2). Rated medium severity (CVSS 6.6). No vendor patch available.

Information Disclosure Cisco Unified Computing System
NVD
CVSS 2.0
6.6
EPSS
0.1%
CVE-2012-4094 MEDIUM This Month

Buffer overflow in the Smart Call Home feature in the fabric interconnect in Cisco Unified Computing System (UCS) allows remote attackers to cause a denial of service by reading and forging control. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Unified Computing System
NVD
CVSS 2.0
5.4
EPSS
0.8%
CVE-2012-4087 MEDIUM This Month

A cluster setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20793. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Cisco Unified Computing System
NVD
CVSS 2.0
5.1
EPSS
0.5%
CVE-2012-4085 MEDIUM This Month

The Intelligent Platform Management Interface (IPMI) implementation in the Blade Management Controller in Cisco Unified Computing System (UCS) allows remote attackers to enumerate valid usernames by. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Unified Computing System
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-3589 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Dell XSS Idrac6 Firmware Idrac6 Monolithic Idrac7 Firmware +1
NVD
CVSS 2.0
4.3
EPSS
1.0%
CVE-2013-3616 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the KnowledgeView Editorial and Management application allows remote attackers to inject arbitrary web script or HTML via the username parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Knowledgeview Editorial And Management Application
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2013-5911 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in devform.php in Tenable SecurityCenter 4.6 through 4.7 allows remote attackers to inject arbitrary web script or HTML via the message parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

PHP XSS Securitycenter
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy