CVE-2014-0730

CWE-20 — Improper Input Validation4 documents4 sources

Severity

6.8MEDIUM

EPSS

0.1%

top 78.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Unified Computing System Central Software

Timeline

PublishedFeb 22

Latest updateMay 17

Description

Cisco Unified Computing System (UCS) Central Software 1.1 and earlier allows local users to gain privileges via a CLI copy command in a local-mgmt context, aka Bug ID CSCul53128.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.1 | Impact: 10.0

Affected Packages1 packages

▶NVDcisco/unified_computing_system_central_software1.1+1

🔴Vulnerability Details

GHSA

GHSA-mm42-8xqc-ppq5: Cisco Unified Computing System (UCS) Central Software 1↗2022-05-17

▶

CVEList

CVE-2014-0730: Cisco Unified Computing System (UCS) Central Software 1↗2014-02-22

▶

📋Vendor Advisories

Cisco

Cisco Unified Computing System Central Software Privilege Escalation Vulnerability↗2014-02-19

▶