Cisco Unified Computing System Central Software — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Unified Computing System Central Software, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2015-0701 — CVSS 10.0 (critical): Cisco UCS Central Software before 1.3(1a) allows remote attackers to execute arbitrary commands via a crafted HTTP request, aka Bug ID…
CVE-2016-1352 — CVSS 9.8 (critical): Cisco Unified Computing System (UCS) Central Software 1.3(1b) and earlier allows remote attackers to execute arbitrary OS commands via a…
CVE-2018-0113 — CVSS 8.8 (high): A vulnerability in an operations script of Cisco UCS Central could allow an authenticated, remote attacker to execute arbitrary shell…
CVE-2018-0094 — CVSS 7.5 (high): A vulnerability in IPv6 ingress packet processing for Cisco UCS Central Software could allow an unauthenticated, remote attacker to cause a…
CVE-2014-0730 — CVSS 6.8 (medium): Cisco Unified Computing System (UCS) Central Software 1.1 and earlier allows local users to gain privileges via a CLI copy command in a…
CVE-2016-1401 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Computing System (UCS) Central Software 1.4(1a)…
CVE-2017-12348 — CVSS 5.4 (medium): Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a…
CVE-2017-12349 — CVSS 5.4 (medium): Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a…
CVE-2015-6388 — CVSS 5.0 (medium): Cisco Unified Computing System (UCS) Central software 1.3(0.1) allows remote attackers to conduct server-side request forgery (SSRF)…
CVE-2015-4286 — CVSS 5.0 (medium): The web framework in Cisco UCS Central Software 1.3(0.99) allows remote attackers to read arbitrary files via a crafted HTTP request, aka…
CVE-2015-6387 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Cisco Unified Computing System (UCS) Central Software 1.3(0.1) allows remote attackers to…
CVE-2021-1354 — CVSS 4.3 (medium): A vulnerability in the certificate registration process of Cisco Unified Computing System (UCS) Central Software could allow an…