This page lists publicly disclosed CVE vulnerabilities affecting cisco unified_computing_system (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2015-0633 | The Integrated Management Controller (IMC) in Cisco Unified Computing System (UCS) 1.4(7h) and earlier on C-Series servers allows remote attackers to bypass intended access restrictions by sending crafted DHCP response packets on the local network, aka Bug ID CSCuf52876. | [email protected] | 6.8 | 1.04% | 2015-02-26 | 2026-05-06 |
| CVE-2015-0599 | The web interface in Cisco Integrated Management Controller in Cisco Unified Computing System (UCS) on C-Series Rack Servers does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka Bug ID CSCuf50138. | [email protected] | 4.3 | 1.48% | 2015-02-03 | 2026-05-06 |
| CVE-2014-8009 | The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attackers to obtain sensitive information by reading log files, aka Bug ID CSCur99239. | [email protected] | 5.0 | 1.17% | 2014-12-10 | 2026-05-06 |
| CVE-2014-8003 | Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998. | [email protected] | 7.2 | 0.37% | 2014-12-10 | 2026-05-06 |
| CVE-2014-7996 | Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Integrated Management Controller in Cisco Unified Computing System allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuq45477. | [email protected] | 6.8 | 0.64% | 2014-11-18 | 2026-05-06 |
| CVE-2013-5550 | The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service via crafted command parameters that trigger hardware-component write operations, aka Bug ID CSCtq86549. | [email protected] | 4.6 | 0.26% | 2013-10-22 | 2026-04-29 |
| CVE-2012-4115 | The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM virtual-media data, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or modify this traffic by inserting packets into the client-server data stream, aka Bug ID CSCtr72964. | [email protected] | 5.8 | 0.85% | 2013-10-21 | 2026-04-29 |
| CVE-2012-4117 | The fabric-interconnect component in Cisco Unified Computing System (UCS) does not properly verify X.509 certificates, which allows man-in-the-middle attackers to watch SSL KVM video-channel traffic or modify this traffic via a crafted certificate, aka Bug ID CSCtr73033. | [email protected] | 5.8 | 0.53% | 2013-10-19 | 2026-04-29 |
| CVE-2012-4116 | The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM media traffic, which allows remote attackers to obtain sensitive information, and consequently complete the authentication process for a server connection, by sniffing the network, aka Bug ID CSCtr72970. | [email protected] | 4.3 | 1.12% | 2013-10-19 | 2026-04-29 |
| CVE-2012-4114 | The fabric-interconnect KVM module in Cisco Unified Computing System (UCS) does not encrypt video data, which allows man-in-the-middle attackers to watch KVM display content by sniffing the network or modify this traffic by inserting packets into the client-server data stream, aka Bug ID CSCtr72949. | [email protected] | 5.8 | 0.85% | 2013-10-19 | 2026-04-29 |
| CVE-2012-4113 | The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and read arbitrary files via crafted command parameters within the command-line interface, aka Bug ID CSCtr43374. | [email protected] | 4.6 | 0.30% | 2013-10-19 | 2026-04-29 |
| CVE-2012-4112 | The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary commands via crafted command parameters within the command-line interface, aka Bug ID CSCtr43330. | [email protected] | 6.8 | 0.33% | 2013-10-19 | 2026-04-29 |
| CVE-2012-4108 | The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary operating-system commands via crafted parameters to a file-related command, aka Bug ID CSCtq86554. | [email protected] | 6.8 | 0.35% | 2013-10-13 | 2026-04-29 |
| CVE-2012-4107 | The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary commands via crafted parameters to a file-related command, aka Bug ID CSCtq86489. | [email protected] | 4.6 | 0.28% | 2013-10-13 | 2026-04-29 |
| CVE-2012-4106 | The fabric-interconnect component in Cisco Unified Computing System (UCS) uses the same privilege level for execution of every script, which allows local users to gain privileges and execute arbitrary commands via an unspecified script-execution approach, aka Bug ID CSCtq86477. | [email protected] | 6.8 | 0.40% | 2013-10-13 | 2026-04-29 |
| CVE-2012-4105 | The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service (component crash) via crafted "debug hardware" parameters, aka Bug ID CSCtq86468. | [email protected] | 4.6 | 0.31% | 2013-10-13 | 2026-04-29 |
| CVE-2012-4084 | Cross-site request forgery (CSRF) vulnerability in the web-management interface in the fabric interconnect (FI) component in Cisco Unified Computing System (UCS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCtg20755. | [email protected] | 6.8 | 0.82% | 2013-10-05 | 2026-04-29 |
| CVE-2012-4136 | The high-availability service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) does not properly bind the cluster service to the management interface, which allows remote attackers to obtain sensitive information or cause a denial of service (peer-syncing outage) via a TELNET connection, aka Bug ID CSCtz72910. | [email protected] | 6.8 | 1.16% | 2013-10-03 | 2026-04-29 |
| CVE-2012-4111 | The create certreq command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86563. | [email protected] | 6.8 | 0.35% | 2013-10-02 | 2026-04-29 |
| CVE-2012-4110 | run-script in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86560. | [email protected] | 6.8 | 0.35% | 2013-10-02 | 2026-04-29 |