The Integrated Management Controller (IMC) in Cisco Unified Computing System (UCS) 1.4(7h) and earlier on C-Series servers allows remote attackers to bypass intended access restrictions by sending crafted DHCP response packets on the local network, aka Bug ID CSCuf52876.
Conclusion & alert: CVE-2015-0633 is rated Moderate Risk (48.7/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 1.04%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.27% | 1.04% | +0.77% |
| 2 | 2025-04-17 | 0.18% | 0.27% | +0.09% |
| 3 | 2025-03-17 | — | 0.18% | — |
Full EPSS history (5 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 6.8 | 2.0 | MEDIUM |
|
6.5 | 7.8 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| cisco | unified_computing_system | 1.4 | cpe:2.3:a:cisco:unified_computing_system:1.4:*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(1c\) | cpe:2.3:a:cisco:unified_computing_system:1.4\(1c\):*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(2\) | cpe:2.3:a:cisco:unified_computing_system:1.4\(2\):*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(3c\)1 | cpe:2.3:a:cisco:unified_computing_system:1.4\(3c\)1:*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(3c\)2 | cpe:2.3:a:cisco:unified_computing_system:1.4\(3c\)2:*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(3j\) | cpe:2.3:a:cisco:unified_computing_system:1.4\(3j\):*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(3k\) | cpe:2.3:a:cisco:unified_computing_system:1.4\(3k\):*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(3p\) | cpe:2.3:a:cisco:unified_computing_system:1.4\(3p\):*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(3p\)5 | cpe:2.3:a:cisco:unified_computing_system:1.4\(3p\)5:*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(3s\) | cpe:2.3:a:cisco:unified_computing_system:1.4\(3s\):*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(4a\) | cpe:2.3:a:cisco:unified_computing_system:1.4\(4a\):*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(4a\)1 | cpe:2.3:a:cisco:unified_computing_system:1.4\(4a\)1:*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(5b\)1 | cpe:2.3:a:cisco:unified_computing_system:1.4\(5b\)1:*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(5e\) | cpe:2.3:a:cisco:unified_computing_system:1.4\(5e\):*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(5g\) | cpe:2.3:a:cisco:unified_computing_system:1.4\(5g\):*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(5g\)2 | cpe:2.3:a:cisco:unified_computing_system:1.4\(5g\)2:*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(5h\) | cpe:2.3:a:cisco:unified_computing_system:1.4\(5h\):*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(5j\) | cpe:2.3:a:cisco:unified_computing_system:1.4\(5j\):*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(6c\) | cpe:2.3:a:cisco:unified_computing_system:1.4\(6c\):*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(6d\) | cpe:2.3:a:cisco:unified_computing_system:1.4\(6d\):*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(7b\)1 | cpe:2.3:a:cisco:unified_computing_system:1.4\(7b\)1:*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(7c\)1 | cpe:2.3:a:cisco:unified_computing_system:1.4\(7c\)1:*:*:*:*:*:*:* |
| cisco | unified_computing_system | 1.4\(7h\) | cpe:2.3:a:cisco:unified_computing_system:1.4\(7h\):*:*:*:*:*:*:* |