All the vulnerabilites related to cisco - ucs-e140s-m1
Vulnerability from fkie_nvd
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "8804FC02-F5DC-467F-AC53-C9E968537E98", "versionEndExcluding": "3.2\\(12.4\\)", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "FA1B9BD7-4050-4F99-9412-F3E673FED790", "versionEndIncluding": "4.1\\(3b\\)", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:encs_5100_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6CF04641-9D9A-4FFC-B3AA-A8A4042EB2C9", "versionEndIncluding": "4.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*", "matchCriteriaId": "678F3A32-372A-441E-8115-95181FBAF628", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:encs_5400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "247817B4-D34D-4ED5-8236-E7C36542538C", "versionEndIncluding": "4.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*", "matchCriteriaId": "01AE8153-6C23-46AB-BEAA-A6F27FDFEED7", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:c220_m6_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EBB0B1A7-87BD-4594-8F8C-D89E0DF460EC", "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:c220_m6:-:*:*:*:*:*:*:*", "matchCriteriaId": "297A607F-E8CE-4943-BA92-B53585BA683E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:c225_m6_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A3E0DB28-6093-40BE-BD71-9E9A35F4C107", "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:c225_m6:-:*:*:*:*:*:*:*", "matchCriteriaId": "3346CA68-1977-429F-BEF6-7CD165298852", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:c240_m6_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D90D18EE-2EC0-4C14-A679-6542ACBC81E6", "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:c240_m6:-:*:*:*:*:*:*:*", "matchCriteriaId": "7301A230-B65F-40FB-A4D0-6D9D9B65F4E3", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:c245_m6_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1216C5A1-F429-40E9-B0E1-8ED45ED81B48", "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:c245_m6:-:*:*:*:*:*:*:*", "matchCriteriaId": "33A05B60-6E96-4DF8-A607-CC712D0D0A9E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:c125_m5_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4929AAEB-E6BF-43EB-8C0A-64B4ED82A3B7", "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:c125_m5:-:*:*:*:*:*:*:*", "matchCriteriaId": "773F05F8-CF38-4CC8-9FC8-528789073FB2", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:c220_m5_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC1BE6F7-B0D0-4224-BB37-E024F2C9715F", "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:c220_m5:-:*:*:*:*:*:*:*", "matchCriteriaId": "CB5FBE2F-1920-48DC-8377-A4AD8202C123", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:c240_m5_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C4E9CCA0-1128-48FF-8C97-EF1139C9438E", "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:c240_m5:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4570063-4744-4CF0-AC99-14693E639191", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:c480_m5_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBB8527A-86C1-4413-AC52-3CB7D72FE120", "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:c480_m5:-:*:*:*:*:*:*:*", "matchCriteriaId": "5717A4D4-9CBB-4A7B-A974-76CABB54B2E4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:c480_ml_m5_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "533C38A4-64FF-42CA-9649-2FAE80D12CED", "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:c480_ml_m5:-:*:*:*:*:*:*:*", "matchCriteriaId": "CFB191A5-B7D8-49C3-9CE9-F5CBD506D4C8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e140s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "727956AA-0627-46B7-8394-E8A218E2A84D", "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e140s:-:*:*:*:*:*:*:*", "matchCriteriaId": "0FEC2FF1-D0AB-49B1-AB28-D912384F5540", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e140d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E10DD81-5526-4C8A-841F-2561740A0457", "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e140d:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD7BA377-87BD-4330-9A69-0356A4AEE457", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e160d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "47BEB922-330E-4A84-8079-0AD69E0D25D7", "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e160d:-:*:*:*:*:*:*:*", "matchCriteriaId": "02A9C58E-5148-4671-BA3A-3A7216EC421B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e160s-m3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "05C2C217-1A58-44CF-8934-05A27DA3650C", "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*", "matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e180d-m3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA106E3B-870C-442A-AB69-E749196E6A57", "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*", "matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e1120d-m3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "13F12356-BDF4-4EE0-8E85-532BD826D67E", "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*", "matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e140s-m2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE53EC1B-A239-41BD-A2F6-76F499EA3397", "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*", "matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e160d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "47BEB922-330E-4A84-8079-0AD69E0D25D7", "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e160d:-:*:*:*:*:*:*:*", "matchCriteriaId": "02A9C58E-5148-4671-BA3A-3A7216EC421B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e180d-m2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C5F0CBEF-1CA7-49D8-B7E2-5EDD2B3FB925", "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e180d-m2:-:*:*:*:*:*:*:*", "matchCriteriaId": "BB3E47EB-9C60-4A06-956A-46B5D2E46239", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e140s-m1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D49F74E-A2BD-4C55-A236-AEB3E479416D", "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e140s-m1:-:*:*:*:*:*:*:*", "matchCriteriaId": "94805A53-CCA0-4737-939F-1157F557770C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e140d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E10DD81-5526-4C8A-841F-2561740A0457", "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e140d:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD7BA377-87BD-4330-9A69-0356A4AEE457", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e140dp_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF97AF37-C12A-452F-AD50-581CD5122BBA", "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e140dp:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE387668-61D1-459D-9871-C23252EF67D2", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e160d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "47BEB922-330E-4A84-8079-0AD69E0D25D7", "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e160d:-:*:*:*:*:*:*:*", "matchCriteriaId": "02A9C58E-5148-4671-BA3A-3A7216EC421B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e160dp-m1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8FDCFE0D-CAF5-4520-AE7B-25F0B66BD7FD", "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e160dp-m1:-:*:*:*:*:*:*:*", "matchCriteriaId": "67C1D42D-CEFF-4B66-B211-DAEA94D21F6D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs_s3260_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DF6CC866-6832-4F8F-B0B3-6D1A09E2F89B", "versionEndIncluding": "4.0\\(2o\\)", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. This vulnerability is known as an open redirect attack, which is used in phishing attacks to get users to visit malicious sites without their knowledge." }, { "lang": "es", "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco Integrated Management Controller (IMC), podr\u00eda permitir a un atacante remoto no autenticado redirija a un usuario a una p\u00e1gina web maliciosa.\u0026#xa0;Esta vulnerabilidad es debido a una comprobaci\u00f3n inapropiada de la entrada de los par\u00e1metros en una petici\u00f3n HTTP.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad al persuadir a un usuario para que haga clic en un v\u00ednculo dise\u00f1ado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante redirigir a un usuario a un sitio web malicioso.\u0026#xa0;Esta vulnerabilidad es conocida como un ataque de redireccionamiento abierto, que es usado en ataques de phishing para que los usuarios visiten sitios maliciosos sin su conocimiento" } ], "id": "CVE-2021-1397", "lastModified": "2024-11-21T05:44:15.633", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "ykramarz@cisco.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-05-06T13:15:09.950", "references": [ { "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-openred-zAYrU6d2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-openred-zAYrU6d2" } ], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-601" } ], "source": "ykramarz@cisco.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
ykramarz@cisco.com | http://www.securitytracker.com/id/1041173 | Third Party Advisory, VDB Entry | |
ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-encs-ucs-bios-auth-bypass | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041173 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-encs-ucs-bios-auth-bypass | Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:5400_enterprise_network_compute_system_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "78D8F2EF-72D1-4EAF-80E2-E402A1AC20BA", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:5400_enterprise_network_compute_system:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B9A84EA-C754-4747-B531-DA9305336059", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:5100_enterprise_network_compute_system_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "AFD2E2E2-20B7-473A-956A-6025E4D43703", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:5100_enterprise_network_compute_system:-:*:*:*:*:*:*:*", "matchCriteriaId": "45FCDA4B-6342-4D89-9DC9-DC255E1C22F0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e160s-m3_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "96389397-05B7-4776-ACE3-756329A2B531", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*", "matchCriteriaId": "A0E6AAD9-824C-4126-8347-2FF1895E6D33", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e160s-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "C997EA59-D41F-4235-A9C1-CDDE45A157BC", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e160s-k9:-:*:*:*:*:*:*:*", "matchCriteriaId": "48ABFFCA-D59F-4047-A705-69E2BEA24682", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e180d-m3_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "E65CEE67-E49C-4389-8E7D-D586F932D8F8", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*", "matchCriteriaId": "155D990F-C7DA-48DD-92CC-18542DBBE572", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e180d-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "442DC7B1-D775-406C-9590-EEE720A46B6F", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e180d-k9:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E54C89D-EDCE-4230-8137-6E3251EC2C25", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e1120d-m3_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "E83F9278-45C0-45BE-885F-5C119EE15548", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*", "matchCriteriaId": "DF77273F-73C0-40EB-BB4E-75269D46F074", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e1120d-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "5D01EE87-CDCA-4611-8EB4-B96C64CB2A8A", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e1120d-k9:-:*:*:*:*:*:*:*", "matchCriteriaId": "1EE910FC-EE78-4644-BAEC-3B032F1BFE59", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e140s-m2_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "AB405260-8AD1-43F3-B7A9-EF01A1EC98B7", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*", "matchCriteriaId": "757958F5-F58C-4128-B128-D989A56ACA34", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e140s-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "039A0DD4-809A-4232-B49C-95896F49E615", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e140s-k9:-:*:*:*:*:*:*:*", "matchCriteriaId": "AEB88308-08AF-422E-A017-5F1E863B6D40", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e160d-m2_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "8186F230-EEA9-44A2-8F7E-F0E04E719F2B", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*", "matchCriteriaId": "F62D6B73-1AB7-4B93-A92E-275E78DF114C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e160d-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "7EEF20D7-5576-4D88-A955-AF1AF39526CD", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e160d-k9:-:*:*:*:*:*:*:*", "matchCriteriaId": "D4750CE6-95E5-4B02-9298-1EE2CC6EED19", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e180d-m2_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "A08710B2-D68F-461F-A213-5CD6934B97AF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e180d-m2:-:*:*:*:*:*:*:*", "matchCriteriaId": "BB3E47EB-9C60-4A06-956A-46B5D2E46239", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e180d-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "442DC7B1-D775-406C-9590-EEE720A46B6F", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e180d-k9:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E54C89D-EDCE-4230-8137-6E3251EC2C25", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e140s-m1_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "D563987D-817C-4B7A-B4A5-2AA63B9F2826", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e140s-m1:-:*:*:*:*:*:*:*", "matchCriteriaId": "94805A53-CCA0-4737-939F-1157F557770C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e140s-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "039A0DD4-809A-4232-B49C-95896F49E615", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e140s-k9:-:*:*:*:*:*:*:*", "matchCriteriaId": "AEB88308-08AF-422E-A017-5F1E863B6D40", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e160d-m1_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "B4364B25-E06D-4AD9-B1D9-4807E57D90AD", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e160d-m1:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE24966C-324C-4BE4-8FED-013022D4A266", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e160d-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "7EEF20D7-5576-4D88-A955-AF1AF39526CD", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e160d-k9:-:*:*:*:*:*:*:*", "matchCriteriaId": "D4750CE6-95E5-4B02-9298-1EE2CC6EED19", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e160dp-m1_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "81BF3D7E-BD4A-4CBA-937B-10BD6A0A3DA7", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e160dp-m1:-:*:*:*:*:*:*:*", "matchCriteriaId": "67C1D42D-CEFF-4B66-B211-DAEA94D21F6D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e160dp-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "20751952-1303-4F12-B3A1-5242C146FB17", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e160dp-k9:-:*:*:*:*:*:*:*", "matchCriteriaId": "0C151037-78CD-4DB6-8464-CC0ECEDEA7EC", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e140d-m1_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "7578213A-0188-430A-9B19-BCD30CFC36CD", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e140d-m1:-:*:*:*:*:*:*:*", "matchCriteriaId": "2C2A29F1-8B9A-4AE8-A6A2-6B57B16432A7", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e140d-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "5FF9AA8D-9852-4F89-AF64-093ABB3FCF26", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e140d-k9:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8EDF27D-C317-4AF7-8C8F-7419CE32086D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e140dp-m1_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "29EA43FF-FD76-4CC4-8808-7FB7A82A7AC8", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e140dp-m1:-:*:*:*:*:*:*:*", "matchCriteriaId": "1C159CA7-EF70-4B58-88C2-0F95BF30DD69", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ucs-e140dp-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "3F42D1A2-5A59-4880-84EF-0D2EA57E31F0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:ucs-e140dp-k9:-:*:*:*:*:*:*:*", "matchCriteriaId": "D9837671-C0BF-4FF2-8904-B376CE38E4E6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing (UCS) E-Series Servers could allow an unauthenticated, local attacker to bypass the BIOS authentication and execute actions as an unprivileged user. The vulnerability is due to improper security restrictions that are imposed by the affected system. An attacker could exploit this vulnerability by submitting an empty password value to an affected device\u0027s BIOS authentication prompt. An exploit could allow the attacker to have access to a restricted set of user-level BIOS commands. Cisco Bug IDs: CSCvh83260." }, { "lang": "es", "value": "Una vulnerabilidad en la gesti\u00f3n de la autenticaci\u00f3n de la BIOS en Cisco 5000 Series Enterprise Network Compute System y Cisco Unified Computing (UCS) E-Series Servers podr\u00eda permitir que un atacante local no autenticado omita la autenticaci\u00f3n de la BIOS y ejecute acciones como usuario no privilegiado. La vulnerabilidad se debe a las restricciones de seguridad indebidas impuestas por el sistema afectado. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un valor de contrase\u00f1a vac\u00edo a la petici\u00f3n de autenticaci\u00f3n de la BIOS de un dispositivo afectado. Su explotaci\u00f3n podr\u00eda permitir que el atacante tenga acceso a un conjunto restringido de comandos de la BIOS de nivel de usuario. Cisco Bug IDs: CSCvh83260." } ], "id": "CVE-2018-0362", "lastModified": "2024-11-21T03:38:03.917", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "exploitabilityScore": 0.9, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-06-21T11:29:00.977", "references": [ { "source": "ykramarz@cisco.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041173" }, { "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-encs-ucs-bios-auth-bypass" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041173" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-encs-ucs-bios-auth-bypass" } ], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-287" } ], "source": "ykramarz@cisco.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-287" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
cve-2018-0362
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-encs-ucs-bios-auth-bypass | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1041173 | vdb-entry, x_refsource_SECTRACK |
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Cisco 5000 Series Enterprise Network Compute System and Cisco UCS E-Series Servers unknown |
Version: Cisco 5000 Series Enterprise Network Compute System and Cisco UCS E-Series Servers unknown |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T03:21:15.375Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-encs-ucs-bios-auth-bypass" }, { "name": "1041173", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1041173" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2018-0362", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-29T14:37:32.925327Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-29T14:56:24.119Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco 5000 Series Enterprise Network Compute System and Cisco UCS E-Series Servers unknown", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Cisco 5000 Series Enterprise Network Compute System and Cisco UCS E-Series Servers unknown" } ] } ], "datePublic": "2018-06-21T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing (UCS) E-Series Servers could allow an unauthenticated, local attacker to bypass the BIOS authentication and execute actions as an unprivileged user. The vulnerability is due to improper security restrictions that are imposed by the affected system. An attacker could exploit this vulnerability by submitting an empty password value to an affected device\u0027s BIOS authentication prompt. An exploit could allow the attacker to have access to a restricted set of user-level BIOS commands. Cisco Bug IDs: CSCvh83260." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-287", "description": "CWE-287", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2018-06-22T09:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-encs-ucs-bios-auth-bypass" }, { "name": "1041173", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1041173" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "ID": "CVE-2018-0362", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco 5000 Series Enterprise Network Compute System and Cisco UCS E-Series Servers unknown", "version": { "version_data": [ { "version_value": "Cisco 5000 Series Enterprise Network Compute System and Cisco UCS E-Series Servers unknown" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing (UCS) E-Series Servers could allow an unauthenticated, local attacker to bypass the BIOS authentication and execute actions as an unprivileged user. The vulnerability is due to improper security restrictions that are imposed by the affected system. An attacker could exploit this vulnerability by submitting an empty password value to an affected device\u0027s BIOS authentication prompt. An exploit could allow the attacker to have access to a restricted set of user-level BIOS commands. Cisco Bug IDs: CSCvh83260." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-287" } ] } ] }, "references": { "reference_data": [ { "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-encs-ucs-bios-auth-bypass", "refsource": "CONFIRM", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-encs-ucs-bios-auth-bypass" }, { "name": "1041173", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041173" } ] } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2018-0362", "datePublished": "2018-06-21T11:00:00", "dateReserved": "2017-11-27T00:00:00", "dateUpdated": "2024-11-29T14:56:24.119Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-1397
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-openred-zAYrU6d2 | vendor-advisory, x_refsource_CISCO |
Vendor | Product | Version | |
---|---|---|---|
▼ | Cisco | Cisco Unified Computing System (Standalone) |
Version: n/a |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:11:16.928Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20210505 Cisco Integrated Management Controller Open Redirect Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-openred-zAYrU6d2" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-1397", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-08T20:43:58.144792Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-08T23:17:54.152Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco Unified Computing System (Standalone)", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2021-05-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. This vulnerability is known as an open redirect attack, which is used in phishing attacks to get users to visit malicious sites without their knowledge." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-601", "description": "CWE-601", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-05-06T12:42:43", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20210505 Cisco Integrated Management Controller Open Redirect Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-openred-zAYrU6d2" } ], "source": { "advisory": "cisco-sa-imc-openred-zAYrU6d2", "defect": [ [ "CSCvv79920", "CSCvx48060" ] ], "discovery": "INTERNAL" }, "title": "Cisco Integrated Management Controller Open Redirect Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-05-05T16:00:00", "ID": "CVE-2021-1397", "STATE": "PUBLIC", "TITLE": "Cisco Integrated Management Controller Open Redirect Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco Unified Computing System (Standalone)", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. This vulnerability is known as an open redirect attack, which is used in phishing attacks to get users to visit malicious sites without their knowledge." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "impact": { "cvss": { "baseScore": "4.7", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-601" } ] } ] }, "references": { "reference_data": [ { "name": "20210505 Cisco Integrated Management Controller Open Redirect Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-openred-zAYrU6d2" } ] }, "source": { "advisory": "cisco-sa-imc-openred-zAYrU6d2", "defect": [ [ "CSCvv79920", "CSCvx48060" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1397", "datePublished": "2021-05-06T12:42:43.586166Z", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2024-11-08T23:17:54.152Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
var-201806-1043
Vulnerability from variot
A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing (UCS) E-Series Servers could allow an unauthenticated, local attacker to bypass the BIOS authentication and execute actions as an unprivileged user. The vulnerability is due to improper security restrictions that are imposed by the affected system. An attacker could exploit this vulnerability by submitting an empty password value to an affected device's BIOS authentication prompt. An exploit could allow the attacker to have access to a restricted set of user-level BIOS commands. Cisco Bug IDs: CSCvh83260. Vendors have confirmed this vulnerability Bug ID CSCvh83260 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. UCSE-SeriesServers is a data center-class blade server device
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201806-1043", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "ucs-e140dp-k9", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e140dp-m1", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e140d-m1", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e160dp-m1", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e140s-k9", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e160dp-k9", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e160d-m1", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e140d-k9", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e140s-m1", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e160d-k9", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "5400 enterprise network compute system", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e180d-m2", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e160d-m2", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e180d-k9", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e160s-k9", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e1120d-m3", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "5100 enterprise network compute system", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e180d-m3", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e1120d-k9", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e160s-m3", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "ucs-e140s-m2", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(3\\)" }, { "model": "5000 enterprise network compute system", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "5100 enterprise network compute system", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e1120d-k9", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e1120d-m3", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e140d-k9", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e140d-m1", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e140dp-k9", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e140dp-m1", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e140s-k9", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e140s-m1", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e140s-m2", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e160d-k9", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e160d-m1", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e160d-m2", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e160dp-k9", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e160dp-m1", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e160s-k9", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e160s-m3", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e180d-k9", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e180d-m2", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ucs-e180d-m3", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "series enterprise network compute system", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "50000" }, { "model": "unified computing e-series servers", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-14575" }, { "db": "JVNDB", "id": "JVNDB-2018-006586" }, { "db": "NVD", "id": "CVE-2018-0362" }, { "db": "CNNVD", "id": "CNNVD-201806-1115" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:5400_enterprise_network_compute_system_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:5400_enterprise_network_compute_system:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:5100_enterprise_network_compute_system_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:5100_enterprise_network_compute_system:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e160s-m3_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e160s-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e160s-k9:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e180d-m3_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e180d-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e180d-k9:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e1120d-m3_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e1120d-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e1120d-k9:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e140s-m2_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e140s-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e140s-k9:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e160d-m2_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e160d-m2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e160d-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e160d-k9:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e180d-m2_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e180d-m2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e180d-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e180d-k9:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e140s-m1_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e140s-m1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e140s-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e140s-k9:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e160d-m1_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e160d-m1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e160d-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e160d-k9:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e160dp-m1_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e160dp-m1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e160dp-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e160dp-k9:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e140d-m1_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e140d-m1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e140d-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e140d-k9:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e140dp-m1_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e140dp-m1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e140dp-k9_firmware:3.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e140dp-k9:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-0362" } ] }, "cve": "CVE-2018-0362", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Local", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 4.6, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2018-0362", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CNVD-2018-14575", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "VHN-118564", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "author": "NVD", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 0.9, "impactScore": 3.4, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Physical", "author": "NVD", "availabilityImpact": "Low", "baseScore": 4.3, "baseSeverity": "Medium", "confidentialityImpact": "Low", "exploitabilityScore": null, "id": "CVE-2018-0362", "impactScore": null, "integrityImpact": "Low", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-0362", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNVD", "id": "CNVD-2018-14575", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201806-1115", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-118564", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-14575" }, { "db": "VULHUB", "id": "VHN-118564" }, { "db": "JVNDB", "id": "JVNDB-2018-006586" }, { "db": "NVD", "id": "CVE-2018-0362" }, { "db": "CNNVD", "id": "CNNVD-201806-1115" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing (UCS) E-Series Servers could allow an unauthenticated, local attacker to bypass the BIOS authentication and execute actions as an unprivileged user. The vulnerability is due to improper security restrictions that are imposed by the affected system. An attacker could exploit this vulnerability by submitting an empty password value to an affected device\u0027s BIOS authentication prompt. An exploit could allow the attacker to have access to a restricted set of user-level BIOS commands. Cisco Bug IDs: CSCvh83260. Vendors have confirmed this vulnerability Bug ID CSCvh83260 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. UCSE-SeriesServers is a data center-class blade server device", "sources": [ { "db": "NVD", "id": "CVE-2018-0362" }, { "db": "JVNDB", "id": "JVNDB-2018-006586" }, { "db": "CNVD", "id": "CNVD-2018-14575" }, { "db": "VULHUB", "id": "VHN-118564" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-0362", "trust": 3.1 }, { "db": "SECTRACK", "id": "1041173", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-006586", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201806-1115", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2018-14575", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-118564", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-14575" }, { "db": "VULHUB", "id": "VHN-118564" }, { "db": "JVNDB", "id": "JVNDB-2018-006586" }, { "db": "NVD", "id": "CVE-2018-0362" }, { "db": "CNNVD", "id": "CNNVD-201806-1115" } ] }, "id": "VAR-201806-1043", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2018-14575" }, { "db": "VULHUB", "id": "VHN-118564" } ], "trust": 1.5125 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-14575" } ] }, "last_update_date": "2023-12-18T12:44:01.266000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20180620-encs-ucs-bios-auth-bypass", "trust": 0.8, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180620-encs-ucs-bios-auth-bypass" }, { "title": "Cisco 5000 Series Enterprise Network Compute System and UCSE-SeriesServers authentication bypass vulnerability patches", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/136329" }, { "title": "Cisco 5000 Series Enterprise Network Compute System and UCS E-Series Servers Remediation measures for authorization problem vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=81447" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-14575" }, { "db": "JVNDB", "id": "JVNDB-2018-006586" }, { "db": "CNNVD", "id": "CNNVD-201806-1115" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-287", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-118564" }, { "db": "JVNDB", "id": "JVNDB-2018-006586" }, { "db": "NVD", "id": "CVE-2018-0362" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180620-encs-ucs-bios-auth-bypass" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041173" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0362" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-0362" }, { "trust": 0.6, "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/cscvh83260" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-14575" }, { "db": "VULHUB", "id": "VHN-118564" }, { "db": "JVNDB", "id": "JVNDB-2018-006586" }, { "db": "NVD", "id": "CVE-2018-0362" }, { "db": "CNNVD", "id": "CNNVD-201806-1115" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2018-14575" }, { "db": "VULHUB", "id": "VHN-118564" }, { "db": "JVNDB", "id": "JVNDB-2018-006586" }, { "db": "NVD", "id": "CVE-2018-0362" }, { "db": "CNNVD", "id": "CNNVD-201806-1115" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-08-03T00:00:00", "db": "CNVD", "id": "CNVD-2018-14575" }, { "date": "2018-06-21T00:00:00", "db": "VULHUB", "id": "VHN-118564" }, { "date": "2018-08-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-006586" }, { "date": "2018-06-21T11:29:00.977000", "db": "NVD", "id": "CVE-2018-0362" }, { "date": "2018-06-22T00:00:00", "db": "CNNVD", "id": "CNNVD-201806-1115" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-08-03T00:00:00", "db": "CNVD", "id": "CNVD-2018-14575" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-118564" }, { "date": "2018-08-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-006586" }, { "date": "2019-10-09T23:31:52.397000", "db": "NVD", "id": "CVE-2018-0362" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201806-1115" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201806-1115" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco 5000 Series Enterprise Network Compute System and Unified Computing E-Series Server Authentication vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-006586" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "authorization issue", "sources": [ { "db": "CNNVD", "id": "CNNVD-201806-1115" } ], "trust": 0.6 } }
var-202105-0500
Vulnerability from variot
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. This vulnerability is known as an open redirect attack, which is used in phishing attacks to get users to visit malicious sites without their knowledge. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202105-0500", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "ucs-e140s-m1", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(11.5\\)" }, { "model": "ucs-e140s-m2", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(11.5\\)" }, { "model": "ucs-e160d", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(11.5\\)" }, { "model": "c220 m5", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "4.1\\(2f\\)" }, { "model": "ucs-e180d-m2", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(11.5\\)" }, { "model": "c225 m6", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "4.1\\(2f\\)" }, { "model": "encs 5100", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "4.4.2" }, { "model": "c480 m5", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "4.1\\(2f\\)" }, { "model": "c480 ml m5", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "4.1\\(2f\\)" }, { "model": "integrated management controller", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(12.4\\)" }, { "model": "ucs-e140dp", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(11.5\\)" }, { "model": "ucs-e160dp-m1", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(11.5\\)" }, { "model": "c240 m5", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "4.1\\(2f\\)" }, { "model": "ucs-e1120d-m3", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(11.5\\)" }, { "model": "ucs s3260", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "4.0\\(2o\\)" }, { "model": "ucs-e140s", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(11.5\\)" }, { "model": "c125 m5", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "4.1\\(2f\\)" }, { "model": "encs 5400", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "4.4.2" }, { "model": "ucs manager", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "4.1\\(3b\\)" }, { "model": "ucs-e180d-m3", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(11.5\\)" }, { "model": "c220 m6", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "4.1\\(2f\\)" }, { "model": "ucs-e140d", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(11.5\\)" }, { "model": "c240 m6", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "4.1\\(2f\\)" }, { "model": "ucs-e160s-m3", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "3.2\\(11.5\\)" }, { "model": "c245 m6", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "4.1\\(2f\\)" }, { "model": "c245 m6", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "cisco ucs manager", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "c220 m6", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "c225 m6", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "c240 m5", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "encs 5400", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "cisco integrated management controller", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "c220 m5", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "c125 m5", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "encs 5100", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-006607" }, { "db": "NVD", "id": "CVE-2021-1397" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.1\\(3b\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2\\(12.4\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:encs_5100_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.4.2", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:encs_5100:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:encs_5400_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.4.2", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:encs_5400:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:c220_m6_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:c220_m6:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:c225_m6_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:c225_m6:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:c240_m6_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:c240_m6:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:c245_m6_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:c245_m6:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:c125_m5_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:c125_m5:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:c220_m5_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:c220_m5:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:c240_m5_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:c240_m5:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:c480_m5_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:c480_m5:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:c480_ml_m5_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.1\\(2f\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:c480_ml_m5:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e140s_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e140s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e140d_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e140d:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e160d_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e160d:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e160s-m3_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e160s-m3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e180d-m3_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e180d-m3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e1120d-m3_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e1120d-m3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e140s-m2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e140s-m2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e160d_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e160d:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e180d-m2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e180d-m2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e140s-m1_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e140s-m1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e140d_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e140d:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e140dp_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e140dp:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e160d_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e160d:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs-e160dp-m1_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.2\\(11.5\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs-e160dp-m1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ucs_s3260_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.0\\(2o\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-1397" } ] }, "cve": "CVE-2021-1397", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 4.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2021-1397", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-374451", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 2.8, "impactScore": 2.7, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "ykramarz@cisco.com", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "impactScore": 1.4, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 6.1, "baseSeverity": "Medium", "confidentialityImpact": "Low", "exploitabilityScore": null, "id": "CVE-2021-1397", "impactScore": null, "integrityImpact": "Low", "privilegesRequired": "None", "scope": "Changed", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-1397", "trust": 1.8, "value": "MEDIUM" }, { "author": "ykramarz@cisco.com", "id": "CVE-2021-1397", "trust": 1.0, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202104-975", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202105-139", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-374451", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2021-1397", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-374451" }, { "db": "VULMON", "id": "CVE-2021-1397" }, { "db": "JVNDB", "id": "JVNDB-2021-006607" }, { "db": "NVD", "id": "CVE-2021-1397" }, { "db": "NVD", "id": "CVE-2021-1397" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202105-139" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. This vulnerability is known as an open redirect attack, which is used in phishing attacks to get users to visit malicious sites without their knowledge. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", "sources": [ { "db": "NVD", "id": "CVE-2021-1397" }, { "db": "JVNDB", "id": "JVNDB-2021-006607" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "VULHUB", "id": "VHN-374451" }, { "db": "VULMON", "id": "CVE-2021-1397" } ], "trust": 2.34 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-1397", "trust": 3.4 }, { "db": "JVNDB", "id": "JVNDB-2021-006607", "trust": 0.8 }, { "db": "CS-HELP", "id": "SB2021041363", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202104-975", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.1538", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021050705", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202105-139", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-374451", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2021-1397", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-374451" }, { "db": "VULMON", "id": "CVE-2021-1397" }, { "db": "JVNDB", "id": "JVNDB-2021-006607" }, { "db": "NVD", "id": "CVE-2021-1397" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202105-139" } ] }, "id": "VAR-202105-0500", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-374451" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T11:26:14.828000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-imc-openred-zAYrU6d2", "trust": 0.8, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-imc-openred-zayru6d2" }, { "title": "Cisco\u00a0Integrated Management Controller Enter the fix for the verification error vulnerability", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=150783" }, { "title": "Cisco: Cisco Integrated Management Controller Open Redirect Vulnerability", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-imc-openred-zayru6d2" } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-1397" }, { "db": "JVNDB", "id": "JVNDB-2021-006607" }, { "db": "CNNVD", "id": "CNNVD-202105-139" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-601", "trust": 1.1 }, { "problemtype": "Open redirect (CWE-601) [ Other ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-374451" }, { "db": "JVNDB", "id": "JVNDB-2021-006607" }, { "db": "NVD", "id": "CVE-2021-1397" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-imc-openred-zayru6d2" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-1397" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021050705" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.1538" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/601.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULHUB", "id": "VHN-374451" }, { "db": "VULMON", "id": "CVE-2021-1397" }, { "db": "JVNDB", "id": "JVNDB-2021-006607" }, { "db": "NVD", "id": "CVE-2021-1397" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202105-139" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-374451" }, { "db": "VULMON", "id": "CVE-2021-1397" }, { "db": "JVNDB", "id": "JVNDB-2021-006607" }, { "db": "NVD", "id": "CVE-2021-1397" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202105-139" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-05-06T00:00:00", "db": "VULHUB", "id": "VHN-374451" }, { "date": "2021-05-06T00:00:00", "db": "VULMON", "id": "CVE-2021-1397" }, { "date": "2022-01-14T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-006607" }, { "date": "2021-05-06T13:15:09.950000", "db": "NVD", "id": "CVE-2021-1397" }, { "date": "2021-04-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-975" }, { "date": "2021-05-05T00:00:00", "db": "CNNVD", "id": "CNNVD-202105-139" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-05-26T00:00:00", "db": "VULHUB", "id": "VHN-374451" }, { "date": "2021-05-14T00:00:00", "db": "VULMON", "id": "CVE-2021-1397" }, { "date": "2022-01-14T03:03:00", "db": "JVNDB", "id": "JVNDB-2021-006607" }, { "date": "2023-11-07T03:28:12.480000", "db": "NVD", "id": "CVE-2021-1397" }, { "date": "2021-04-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-975" }, { "date": "2021-05-18T00:00:00", "db": "CNNVD", "id": "CNNVD-202105-139" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202105-139" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco\u00a0Integrated\u00a0Management\u00a0Controller\u00a0 Open redirect vulnerability in software", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-006607" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202104-975" } ], "trust": 0.6 } }