Cisco Unified Computing System vulnerabilities

CVE-2014-8003 [HIGH] CWE-20 CVE-2014-8003: Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998.

CVE-2014-8009 [MEDIUM] CWE-200 CVE-2014-8009: The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attacke The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attackers to obtain sensitive information by reading log files, aka Bug ID CSCur99239.

CVE-2012-4078 [HIGH] CWE-287 CVE-2012-4078: The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) does not properly The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) does not properly handle SSH escape sequences, which allows remote authenticated users to bypass an unspecified authentication step via SSH port forwarding, aka Bug ID CSCtg17656.

CVE-2012-4081 [MEDIUM] CWE-119 CVE-2012-4081: MCServer in the Cisco Management Controller in Cisco Unified Computing System (UCS) allows local use MCServer in the Cisco Management Controller in Cisco Unified Computing System (UCS) allows local users to cause a denial of service (application crash) via invalid MCTools parameters, aka Bug ID CSCtg20734.

CVE-2013-1186 Multiple Vulnerabilities in Cisco Unified Computing System CVE-2013-1186: Multiple Vulnerabilities in Cisco Unified Computing System Managed and standalone Cisco Unified Computing System (UCS) deployments contain one or more of the vulnerabilities: Cisco Unified Computing System LDAP User Authentication Bypass Vulnerability Cisco Unified Computing System IPMI Buffer Overflow Vulnerability Cisco Unified Computing Management API Denial of Service Vulnerability Cisco Unified Computing

CVE-2013-1182 Multiple Vulnerabilities in Cisco Unified Computing System CVE-2013-1182: Multiple Vulnerabilities in Cisco Unified Computing System Managed and standalone Cisco Unified Computing System (UCS) deployments contain one or more of the vulnerabilities: Cisco Unified Computing System LDAP User Authentication Bypass Vulnerability Cisco Unified Computing System IPMI Buffer Overflow Vulnerability Cisco Unified Computing Management API Denial of Service Vulnerability Cisco Unified Computing

CVE-2013-1185 Multiple Vulnerabilities in Cisco Unified Computing System CVE-2013-1185: Multiple Vulnerabilities in Cisco Unified Computing System Managed and standalone Cisco Unified Computing System (UCS) deployments contain one or more of the vulnerabilities: Cisco Unified Computing System LDAP User Authentication Bypass Vulnerability Cisco Unified Computing System IPMI Buffer Overflow Vulnerability Cisco Unified Computing Management API Denial of Service Vulnerability Cisco Unified Computing

CVE-2013-1183 Multiple Vulnerabilities in Cisco Unified Computing System CVE-2013-1183: Multiple Vulnerabilities in Cisco Unified Computing System Managed and standalone Cisco Unified Computing System (UCS) deployments contain one or more of the vulnerabilities: Cisco Unified Computing System LDAP User Authentication Bypass Vulnerability Cisco Unified Computing System IPMI Buffer Overflow Vulnerability Cisco Unified Computing Management API Denial of Service Vulnerability Cisco Unified Computing

CVE-2013-1184 Multiple Vulnerabilities in Cisco Unified Computing System CVE-2013-1184: Multiple Vulnerabilities in Cisco Unified Computing System Managed and standalone Cisco Unified Computing System (UCS) deployments contain one or more of the vulnerabilities: Cisco Unified Computing System LDAP User Authentication Bypass Vulnerability Cisco Unified Computing System IPMI Buffer Overflow Vulnerability Cisco Unified Computing Management API Denial of Service Vulnerability Cisco Unified Computing