CVE-2015-0701

CWE-20 โ€” Improper Input ValidationCWE-78 โ€” OS Command Injection4 documents4 sources
Severity
10.0CRITICAL
EPSS
1.1%
top 22.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Unified Computing System Central Software
Timeline
PublishedMay 7
Latest updateMay 17

Description

Cisco UCS Central Software before 1.3(1a) allows remote attackers to execute arbitrary commands via a crafted HTTP request, aka Bug ID CSCut46961.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-m3mc-f693-5x5j: Cisco UCS Central Software before 1โ†—2022-05-17
โ–ถ
CVEList
CVE-2015-0701: Cisco UCS Central Software before 1โ†—2015-05-07
โ–ถ

๐Ÿ“‹Vendor Advisories

1
Cisco
Cisco UCS Central Software Arbitrary Command Execution Vulnerabilityโ†—2015-05-06
โ–ถ
CVE-2015-0701 (CRITICAL CVSS 10) | Cisco UCS Central Software before 1 | cvebase.io