CVE-2015-6355 — Sensitive Information Exposure in Cisco Unified Computing System

CWE-200 — Sensitive Information Exposure4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

0.2%

top 54.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Unified Computing System

Timeline

PublishedNov 4

Latest updateMay 14

Description

The web interface in Cisco Unified Computing System (UCS) 2.2(5b)A on blade servers allows remote attackers to obtain potentially sensitive version information by visiting an unspecified URL, aka Bug ID CSCuw87226.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/unified_computing_system2.2\(5b\)a

🔴Vulnerability Details

GHSA

GHSA-fgcg-572p-3m99: The web interface in Cisco Unified Computing System (UCS) 2↗2022-05-14

▶

CVEList

CVE-2015-6355: The web interface in Cisco Unified Computing System (UCS) 2↗2015-11-04

▶

📋Vendor Advisories

Cisco

Cisco Unified Computing System Blade Server Information Disclosure Vulnerability↗2015-11-02

▶