Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCiscoCVE-2012-4078
HistorySep 24, 2013 - 10:35 a.m.

CVE-2012-4078

2013-09-2410:35:51
CWE-287
cisco
web.nvd.nist.gov
28
cisco
ucs
baseboard management controller
bmc
ssh
port forwarding
authentication
cve-2012-4078
nvd

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

0.003

Percentile

68.5%

JSON

The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) does not properly handle SSH escape sequences, which allows remote authenticated users to bypass an unspecified authentication step via SSH port forwarding, aka Bug ID CSCtg17656.

Affected configurations

Nvd
Node
ciscounified_computing_systemMatch1.0\(2k\)
OR
ciscounified_computing_systemMatch1.0_base
OR
ciscounified_computing_systemMatch1.1\(1m\)
OR
ciscounified_computing_systemMatch1.1_base
VendorProductVersionCPE
ciscounified_computing_system1.0(2k)cpe:2.3:a:cisco:unified_computing_system:1.0\(2k\):*:*:*:*:*:*:*
ciscounified_computing_system1.0_basecpe:2.3:a:cisco:unified_computing_system:1.0_base:*:*:*:*:*:*:*
ciscounified_computing_system1.1(1m)cpe:2.3:a:cisco:unified_computing_system:1.1\(1m\):*:*:*:*:*:*:*
ciscounified_computing_system1.1_basecpe:2.3:a:cisco:unified_computing_system:1.1_base:*:*:*:*:*:*:*

Related

cvelist 1
nvd 1
prion 1
cisco 1
cvelist
cvelist
CVE-2012-4078
2013-09-24 10:00:00
nvd
nvd
CVE-2012-4078
2013-09-24 10:35:51
prion
prion
Authentication flaw
2013-09-24 10:35:00
cisco
cisco
Cisco Unified Computing System Baseboard Management Controller Privilege Escalation Vulnerability
2013-09-24 19:40:45

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

0.003

Percentile

68.5%

JSON
Related for CVE-2012-4078
cvelist1nvd1prion1cisco1