Skip to main content

Unified Computing System Director

7 CVEs product

Monthly

CVE-2018-15404 MEDIUM This Month

A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director could allow an authenticated, remote attacker to cause a denial of service (DoS). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Unified Computing System Director Integrated Management Controller Supervisor
NVD
CVSS 3.0
6.5
EPSS
1.1%
CVE-2018-0238 CRITICAL Act Now

A vulnerability in the role-based resource checking functionality of the Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Unified Computing System Director
NVD
CVSS 3.0
9.9
EPSS
5.2%
CVE-2018-0219 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Unified Computing System (UCS) Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Unified Computing System Director
NVD
CVSS 3.0
6.1
EPSS
1.8%
CVE-2017-3817 MEDIUM This Month

A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Unified Computing System Director
NVD
CVSS 3.0
4.3
EPSS
0.1%
CVE-2017-3868 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Unified Computing System Director
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-3801 HIGH This Week

A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and 6.0.0.1 could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile, a. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Unified Computing System Director
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2015-6259 CRITICAL Act Now

The JavaServer Pages (JSP) component in Cisco Integrated Management Controller (IMC) Supervisor before 1.0.0.1 and UCS Director (formerly Cloupia Unified Infrastructure Controller) before 5.2.0.1. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Integrated Management Controller Supervisor Unified Computing System Director
NVD
CVSS 2.0
9.4
EPSS
1.7%
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director could allow an authenticated, remote attacker to cause a denial of service (DoS). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Unified Computing System Director +1
NVD
EPSS 5% CVSS 9.9
CRITICAL Act Now

A vulnerability in the role-based resource checking functionality of the Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Unified Computing System Director
NVD
EPSS 2% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Unified Computing System (UCS) Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Unified Computing System Director
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Unified Computing System Director
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Unified Computing System Director
NVD
EPSS 0% CVSS 8.8
HIGH This Week

A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and 6.0.0.1 could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile, a. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Unified Computing System Director
NVD
EPSS 2% CVSS 9.4
CRITICAL Act Now

The JavaServer Pages (JSP) component in Cisco Integrated Management Controller (IMC) Supervisor before 1.0.0.1 and UCS Director (formerly Cloupia Unified Infrastructure Controller) before 5.2.0.1. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Integrated Management Controller Supervisor +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy