Lucene search

[email protected]CVE-2012-4106

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-4106

2022-10-0316:15:35

CWE-264

[email protected]

web.nvd.nist.gov

cisco

ucs

fabric-interconnect

local users

privileges

arbitrary commands

vulnerability

CVSS2

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

Percentile

5.1%

JSON

The fabric-interconnect component in Cisco Unified Computing System (UCS) uses the same privilege level for execution of every script, which allows local users to gain privileges and execute arbitrary commands via an unspecified script-execution approach, aka Bug ID CSCtq86477.

Affected configurations

NVD

Node

ciscounified_computing_systemMatch-

VendorProductVersionCPE
ciscounified_computing_system-cpe:/h:cisco:unified_computing_system:-:::

Vendor	Product	Version	CPE
cisco	unified_computing_system	-	cpe:/h:cisco:unified_computing_system:-:::

References

osvdb.org/98354

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4106

www.securityfocus.com/bid/62981

CVSS2

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2012-4106

prion1 cvelist1 nvd1 cisco1