Cisco » Unified Computing System Central Software » 1.2(1f) : Security Vulnerabilities, CVEs,

cpe:2.3:a:cisco:unified_computing_system_central_software:1.2\(1f\):*:*:*:*:*:*:*

CVE-2021-1354

A vulnerability in the certificate registration process of Cisco Unified Computing System (UCS) Central Software could allow an authenticated, adjacent attacker to register a rogue Cisco Unified Computing System Manager (UCSM). This vulnerability is due to improper certificate validation. An attacker could exploit this vulnerability by sending a crafted HTTP request to the registration API. A successful exploit could allow the attacker to register a rogue Cisco UCSM and gain access to Cisco UCS Central Software data and Cisco UCSM inventory data.
Max CVSS
4.3
EPSS Score
0.04%
Published
2021-02-04
Updated
2021-02-08

CVE-2015-0701

Cisco UCS Central Software before 1.3(1a) allows remote attackers to execute arbitrary commands via a crafted HTTP request, aka Bug ID CSCut46961.
Max CVSS
10.0
EPSS Score
0.26%
Published
2015-05-07
Updated
2016-11-28
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close