CVE-2013-1184

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2013-1184
The management API in the XML API management service in the Manager component in Cisco Unified Computing System (UCS) 1.x before 1.2(1b) allows remote attackers to cause a denial of service (service outage) via a malformed request, aka Bug ID CSCtg48206.

7.8 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References
Link Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti Vendor Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.0\(2k\):*:*:*:*:*:*:*
cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.0:*:*:*:*:*:*:*
cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.1\(1m\):*:*:*:*:*:*:*
cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.2\(1\):*:*:*:*:*:*:*
cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.2\(1a\):*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:unified_computing_system_integrated_management_controller:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:unified_computing_system_6296up_fabric_interconnect:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:unified_computing_system_6120xp_fabric_interconnect:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:unified_computing_system_6248up_fabric_interconnect:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:unified_computing_system_6140xp_fabric_interconnect:-:*:*:*:*:*:*:*
Information

Published : 2013-04-25 03:55

Updated : 2013-04-25 03:55

NVD link : CVE-2013-1184

Mitre link : CVE-2013-1184

JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa
Products Affected

cisco

  • unified_computing_system_6296up_fabric_interconnect
  • unified_computing_system_infrastructure_and_unified_computing_system_software
  • unified_computing_system_integrated_management_controller
  • unified_computing_system_6248up_fabric_interconnect
  • unified_computing_system_6140xp_fabric_interconnect
  • unified_computing_system_6120xp_fabric_interconnect