CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
EPSS
Percentile
5.1%
A vulnerability in Cisco Unified Computing System (UCS) B-Series blade servers could allow an unauthenticated, local attacker to cause the host operating system or Baseboard Management Controller (BMC) to hang.
The vulnerability is due to how the various components communicate across the Inter-IC (I2C) bus. An attacker could exploit this vulnerability by sending specific I2C packets. An exploit could allow the attacker to cause disruption to the host, resulting in a denial of service (DoS) condition.
Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151006-ucs [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151006-ucs”]
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | ucs_b-series_blade_server_software | any | cpe:2.3:a:cisco:ucs_b-series_blade_server_software:any:*:*:*:*:*:*:* |