Cisco Unified Computing System Central Software vulnerabilities

CVE-2024-20280 [MEDIUM] CWE-321 CVE-2024-20280: A vulnerability in the backup feature of Cisco UCS Central Software could allow an attacker with acc A vulnerability in the backup feature of Cisco UCS Central Software could allow an attacker with access to a backup file to learn sensitive information that is stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method that is used for the backup function. An attacker could exploit this

CVE-2021-1354 [LOW] CWE-295 CVE-2021-1354: A vulnerability in the certificate registration process of Cisco Unified Computing System (UCS) Cent A vulnerability in the certificate registration process of Cisco Unified Computing System (UCS) Central Software could allow an authenticated, adjacent attacker to register a rogue Cisco Unified Computing System Manager (UCSM). This vulnerability is due to improper certificate validation. An attacker could exploit this vulnerability by sending a crafted