Lucene search
HistoryApr 25, 2013 - 10:55 a.m.
CVE-2013-1185
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.1
Confidence
Low
EPSS
0.004
Percentile
72.9%
The web interface in the Manager component in Cisco Unified Computing System (UCS) 1.x and 2.x before 2.0(2m) allows remote attackers to obtain sensitive information by reading a (1) technical-support bundle file or (2) on-device configuration backup, aka Bug ID CSCtq86543.
Affected configurations
Node
ciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.0
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.0\(2k\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.1
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.1\(1m\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.2
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.2\(1\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.2\(1a\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.2\(1d\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1c\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1m\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1n\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1o\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1p\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1q\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1t\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1w\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.3\(1y\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.4\(1j\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.4\(1m\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.4\(3i\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.4\(3l\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.4\(3m\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.4\(3q\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.4\(3s\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.4\(3u\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.4\(3y\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.4\(4f\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.4\(4g\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.4\(4i\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.4\(4j\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.4\(4k\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch2.0\(1q\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch2.0\(1s\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch2.0\(1t\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch2.0\(1w\)
ORciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch2.0\(1x\)
ciscounified_computing_system_6120xp_fabric_interconnectMatch-
ORciscounified_computing_system_6140xp_fabric_interconnectMatch-
ORciscounified_computing_system_6248up_fabric_interconnectMatch-
ORciscounified_computing_system_6296up_fabric_interconnectMatch-
ORciscounified_computing_system_integrated_management_controllerMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.0 | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.0:*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.0(2k) | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.0\(2k\):*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.1 | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.1:*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.1(1m) | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.1\(1m\):*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.2 | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.2:*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.2(1) | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.2\(1\):*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.2(1a) | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.2\(1a\):*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.2(1d) | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.2\(1d\):*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.3(1c) | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\(1c\):*:*:*:*:*:*:* |
| cisco | unified_computing_system_infrastructure_and_unified_computing_system_software | 1.3(1m) | cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\(1m\):*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2013-04-25 10:55:00
cvelist
cvelist
CVE-2013-1185
2013-04-25 10:00:00
cve
cve
CVE-2013-1185
2013-04-25 10:55:01
nessus
nessus
securityvulns
securityvulns
Cisco Unified Computing System multiple security vulnerabilities
2013-05-06 00:00:00
cisco
cisco
Multiple Vulnerabilities in Cisco Unified Computing System
2013-04-24 16:00:00
openvas
openvas
Cisco Unified Computing System Multiple Vulnerabilities
2013-10-10 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.1
Confidence
Low
EPSS
0.004
Percentile
72.9%
Related for NVD:CVE-2013-1185