Skip to main content

Unified Computing System CVE-2014-8003

HIGH
Improper Input Validation (CWE-20)
2014-12-10 psirt@cisco.com
7.2
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:L/AC:L/Au:N/C:C/I:C/A:C
Attack Vector
Local
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C

Lifecycle Timeline

1
CVE Published
Dec 10, 2014 - 21:59 cve.org
HIGH 7.2

DescriptionCVE.org

Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998.

AnalysisAI

Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-20. Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998. Affected products include: Cisco Unified Computing System.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2015-6435 CRITICAL POC
9.8 Jan 22

An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System (UCS)

CVE-2021-1368 HIGH
8.8 Feb 24

A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software coul

CVE-2019-1907 HIGH
8.8 Aug 21

A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote a

CVE-2019-1865 HIGH
8.8 Aug 21

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could all

CVE-2019-1864 HIGH
8.8 Aug 21

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could all

CVE-2018-0431 HIGH
8.8 Oct 05

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could all

CVE-2018-0430 HIGH
8.8 Oct 05

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could all

CVE-2015-0718 HIGH
7.5 Mar 03

Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) p

CVE-2012-4078 HIGH
8.5 Sep 24

The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) does not properly handle SSH escape se

CVE-2021-1387 HIGH
8.6 Feb 24

A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a

CVE-2019-1863 HIGH
8.1 Aug 21

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could all

CVE-2019-1632 HIGH
8.0 Jun 20

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an aut

Share

CVE-2014-8003 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy