threat
engine
.sh
Back
·
··:··
Home
/
Product
/
cisco unified computing system
Product
cisco unified computing system
105 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2020-26062
all versions
A vulnerability in Cisco Integrated Management Controller could allow an unauthenticated, remote attacker to enumerate valid
5.3
MEDIUM
CVE-2024-20365
all versions
A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco UCS X-Series Servers could allow a
6.5
MEDIUM
CVE-2024-20294
all versions
A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an
6.6
MEDIUM
CVE-2021-44228
all versions
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration
10.0
CRITICAL
CVE-2021-34736
< 4.1\(2g\)
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unau
5.3
MEDIUM
CVE-2021-1592
>= 4.0 and < 4.0\(4m\)
A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause
4.3
MEDIUM
CVE-2021-1590
< 4.0\(4m\)
A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticate
5.3
MEDIUM
CVE-2021-1387
>= 4.0 and < 4.0\(4k\)
A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of
8.6
HIGH
CVE-2021-1368
< 4.0\(4i\)
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an
8.8
HIGH
CVE-2019-1736
all versions
A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass U
6.6
MEDIUM
CVE-2020-10136
all versions
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is v
5.3
MEDIUM
CVE-2019-1966
all versions
A vulnerability in a specific CLI command within the local management (local-mgmt) context for Cisco UCS Fabric Interconnect Softw
7.8
HIGH
CVE-2019-1908
all versions
A vulnerability in the Intelligent Platform Management Interface (IPMI) implementation of Cisco Integrated Management Controller (
7.5
HIGH
CVE-2019-1907
all versions
A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to
8.8
HIGH
CVE-2019-1900
all versions
A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker
7.5
HIGH
CVE-2019-1896
all versions
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated
7.2
HIGH
CVE-2019-1885
all versions
A vulnerability in the Redfish protocol of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attac
7.2
HIGH
CVE-2019-1883
all versions
A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, local
7.8
HIGH
CVE-2019-1871
all versions
A vulnerability in the Import Cisco IMC configuration utility of Cisco Integrated Management Controller (IMC) could allow an authe
7.2
HIGH
CVE-2019-1865
all versions
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an auth
8.8
HIGH
CVE-2019-1864
all versions
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an auth
8.8
HIGH
CVE-2019-1863
all versions
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an auth
8.1
HIGH
CVE-2019-1850
all versions
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an auth
7.2
HIGH
CVE-2019-1634
all versions
A vulnerability in the Intelligent Platform Management Interface (IPMI) of Cisco Integrated Management Controller (IMC) could allo
7.2
HIGH
CVE-2019-1879
all versions
A vulnerability in the CLI of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to inject
6.4
MEDIUM
CVE-2019-1632
all versions
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated
4.6
MEDIUM
CVE-2019-1631
all versions
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticat
5.3
MEDIUM
CVE-2019-1630
all versions
A vulnerability in the firmware signature checking program of Cisco Integrated Management Controller (IMC) could allow an authenti
5.5
MEDIUM
CVE-2019-1629
all versions
A vulnerability in the configuration import utility of Cisco Integrated Management Controller (IMC) could allow an unauthenticated
5.3
MEDIUM
CVE-2019-1628
all versions
A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to
5.5
MEDIUM
CVE-2019-1627
all versions
A vulnerability in the Server Utilities of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attac
6.5
MEDIUM
CVE-2019-1725
< 4.0\(2a\)
A vulnerability in the local management CLI implementation for specific commands on the Cisco UCS B-Series Blade Servers could all
5.5
MEDIUM
CVE-2018-0431
all versions
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an auth
8.8
HIGH
CVE-2018-0430
all versions
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an auth
8.8
HIGH
CVE-2018-0338
all versions
A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System (UCS) Software could allow an authe
7.8
HIGH
CVE-2017-12341
all versions
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command inject
6.7
MEDIUM
CVE-2017-12338
all versions
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to read the contents of arb
6.0
MEDIUM
CVE-2017-12336
all versions
A vulnerability in the TCL scripting subsystem of Cisco NX-OS System Software could allow an authenticated, local attacker to esca
4.2
MEDIUM
CVE-2017-12335
all versions
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command inject
6.3
MEDIUM
CVE-2017-12334
all versions
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command inject
6.7
MEDIUM
CVE-2017-12333
all versions
A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when
6.7
MEDIUM
CVE-2017-12332
all versions
A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to
4.4
MEDIUM
CVE-2017-12331
all versions
A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when
6.7
MEDIUM
CVE-2017-12329
all versions
A vulnerability in the CLI of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an authenti
6.3
MEDIUM
CVE-2017-12255
all versions
A vulnerability in the CLI of Cisco UCS Central Software could allow an authenticated, local attacker to gain shell access. The vu
6.7
MEDIUM
CVE-2017-6633
all versions
A vulnerability in the TCP throttling process of Cisco UCS C-Series Rack Servers 3.0(0.234) could allow an unauthenticated, remote
7.5
HIGH
CVE-2017-6604
all versions
A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remo
6.1
MEDIUM
CVE-2017-6602
all versions
A vulnerability in the CLI of Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (
4.4
MEDIUM
CVE-2017-6601
all versions
A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewa
7.1
HIGH
CVE-2017-6600
all versions
A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewa
7.8
HIGH
CVE-2017-6598
all versions
A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Serie
6.7
MEDIUM
CVE-2017-6597
all versions
A vulnerability in the local-mgmt CLI command of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Nex
7.8
HIGH
CVE-2016-6402
all versions
UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain
7.8
HIGH
CVE-2015-0718
all versions
Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms a
7.5
HIGH
CVE-2015-6435
all versions
An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System (UCS) Manager b
9.8
CRITICAL
CVE-2015-6415
all versions
Cisco Unified Computing System (UCS) 2.2(3f)A on Fabric Interconnect 6200 devices allows remote attackers to cause a denial of ser
CVE-2015-6355
all versions
The web interface in Cisco Unified Computing System (UCS) 2.2(5b)A on blade servers allows remote attackers to obtain potentially
CVE-2015-4279
all versions
The Manager component in Cisco Unified Computing System (UCS) 2.2(3b) on B Blade Server devices allows local users to gain privile
CVE-2015-4259
all versions
The Integrated Management Controller on Cisco Unified Computing System (UCS) C servers with software 1.5(3) and 1.6(0.16) has a de
CVE-2015-4183
all versions
Cisco UCS Central Software 1.2(1a) allows local users to gain privileges for OS command execution via a crafted CLI parameter, aka
CVE-2015-0633
all versions
The Integrated Management Controller (IMC) in Cisco Unified Computing System (UCS) 1.4(7h) and earlier on C-Series servers allows
CVE-2015-0599
all versions
The web interface in Cisco Integrated Management Controller in Cisco Unified Computing System (UCS) on C-Series Rack Servers does
CVE-2014-8009
<= 2.1\(3f\)
The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attackers to obtain sensitive informa
CVE-2014-8003
<= 2.2\(2c\)a
Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows local users to obtain shell a
CVE-2014-7996
all versions
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Integrated Management Controller in Cisco Unified Co
CVE-2013-5550
all versions
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service via craf
CVE-2012-4115
all versions
The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM virtual-media data, which allows ma
CVE-2012-4117
all versions
The fabric-interconnect component in Cisco Unified Computing System (UCS) does not properly verify X.509 certificates, which allow
CVE-2012-4116
all versions
The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM media traffic, which allows remote
CVE-2012-4114
all versions
The fabric-interconnect KVM module in Cisco Unified Computing System (UCS) does not encrypt video data, which allows man-in-the-mi
CVE-2012-4113
all versions
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and read arbitrary
CVE-2012-4112
all versions
The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and execut
CVE-2012-4108
all versions
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitr
CVE-2012-4107
all versions
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitr
CVE-2012-4106
all versions
The fabric-interconnect component in Cisco Unified Computing System (UCS) uses the same privilege level for execution of every scr
CVE-2012-4105
all versions
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service (compone
CVE-2012-4084
all versions
Cross-site request forgery (CSRF) vulnerability in the web-management interface in the fabric interconnect (FI) component in Cisco
CVE-2012-4136
all versions
The high-availability service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) does not properly bind
CVE-2012-4111
all versions
The create certreq command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain
CVE-2012-4110
all versions
run-script in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by e
CVE-2012-4109
all versions
The clear sshkey command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain p
CVE-2012-4104
all versions
Absolute path traversal vulnerability in the image-download process in the fabric-interconnect component in Cisco Unified Computin
CVE-2012-4103
all versions
ethanalyzer in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by
CVE-2012-4102
all versions
The activate firmware command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to g
CVE-2012-4095
all versions
The local file editor in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain priv
CVE-2012-4096
all versions
The local file editor in the Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to g
CVE-2012-1313
all versions
The remote debug shell on the PALO adapter card in Cisco Unified Computing System (UCS) allows local users to gain privileges via
CVE-2012-4092
all versions
The management interface in the Central Software component in Cisco Unified Computing System (UCS) does not properly validate the
CVE-2012-4088
all versions
The FTP server in Cisco Unified Computing System (UCS) has a hardcoded password for an unspecified user account, which makes it ea
CVE-2012-4079
all versions
The XML API service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) allows remote attackers to cause
CVE-2012-4086
all versions
A setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows remote attackers to execute arbitrar
CVE-2012-4094
all versions
Buffer overflow in the Smart Call Home feature in the fabric interconnect in Cisco Unified Computing System (UCS) allows remote at
CVE-2012-4089
all versions
MCTOOLS in the fabric interconnect in Cisco Unified Computing System (UCS) allows local users to execute arbitrary Baseboard Manag
CVE-2012-4087
all versions
A cluster setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows remote attackers to execute
CVE-2012-4085
all versions
The Intelligent Platform Management Interface (IPMI) implementation in the Blade Management Controller in Cisco Unified Computing
CVE-2012-4078
all versions
The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) does not properly handle SSH escape sequences, w
CVE-2012-4082
all versions
MCTools in the Cisco Management Controller in Cisco Unified Computing System (UCS) allows local users to gain privileges by enteri
CVE-2012-4081
all versions
MCServer in the Cisco Management Controller in Cisco Unified Computing System (UCS) allows local users to cause a denial of servic
CVE-2012-4093
all versions
The Manager component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service via an invalid Smart
CVE-2012-4083
all versions
Multiple buffer overflows in the administrative web interface in Cisco Unified Computing System (UCS) allow remote authenticated u
CVE-2012-4074
all versions
The Board Management Controller (BMC) in the Serial over LAN (SoL) subsystem in Cisco Unified Computing System (UCS) relies on a h
CVE-2012-4073
all versions
The KVM subsystem in the client in Cisco Unified Computing System (UCS) does not verify X.509 certificates from SSL servers, which
CVE-2012-4072
all versions
The KVM subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded X.509 certificate, which allows man-in-the-middle
CVE-2013-1190
all versions
The C-Series Rack Server component 1.4 in Cisco Unified Computing System (UCS) does not properly restrict inbound access to ports,
CVE-2011-2569
all versions
Cisco Nexus OS (aka NX-OS) 4.2 and 5.0 and Cisco Unified Computing System with software 1.4 and 2.0 do not properly restrict comma
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin