CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
EPSS
Percentile
44.4%
Cisco Unified Computing System contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.
The vulnerability is due to errors in processing malicious Simple Network Management Protocol (SNMP) messages by the affected software. An authenticated, remote attacker could exploit this vulnerability by sending malicious requests to the device.
Cisco confirmed the vulnerability in software release notes and issued software updates.
Only attackers who can authenticate to an affected device could exploit this vulnerability, likely limiting the potential source of exploitation to authorized users.
Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | unified_computing_system | any | cpe:2.3:h:cisco:unified_computing_system:any:*:*:*:*:*:*:* |