CVE-2012-4081Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco Unified Computing System

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-20Improper Input ValidationCWE-476NULL Pointer Dereference5 documents5 sources
Severity
4.6MEDIUMNVD
EPSS
0.1%
top 68.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Unified Computing System
Timeline
PublishedSep 20
Latest updateMay 17

Description

MCServer in the Cisco Management Controller in Cisco Unified Computing System (UCS) allows local users to cause a denial of service (application crash) via invalid MCTools parameters, aka Bug ID CSCtg20734.

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.1 | Impact: 6.9

Affected Packages1 packages

NVDcisco/unified_computing_system17 versions+16

🔴Vulnerability Details

2
GHSA
GHSA-p4jw-hpfq-3fc6: MCServer in the Cisco Management Controller in Cisco Unified Computing System (UCS) allows local users to cause a denial of service (application crash2022-05-17
CVEList
CVE-2012-4081: MCServer in the Cisco Management Controller in Cisco Unified Computing System (UCS) allows local users to cause a denial of service (application crash2013-09-20

📋Vendor Advisories

2
Cisco
Cisco Unified Computing System Cisco Management Controller Denial of Service Vulnerability2013-09-18
Red Hat
kernel: crypto: ghash: null pointer deref if no key is set2011-10-20
CVE-2012-4081 — Cisco vulnerability | cvebase