All the vulnerabilites related to cisco - ucs_c240_m3
Vulnerability from fkie_nvd
Published
2020-11-18 19:15
Modified
2024-11-21 05:31
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the API subsystem of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to execute arbitrary code with root privileges. The vulnerabilities are due to improper boundary checks for certain user-supplied input. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the API subsystem of an affected system. When this request is processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the underlying operating system (OS).
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-api-rce-UXwpeDHdVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-api-rce-UXwpeDHdVendor Advisory
Impacted products
Vendor Product Version
cisco enterprise_nfv_infrastructure_software *
cisco enterprise_network_compute_system_5100 -
cisco enterprise_network_compute_system_5400 -
cisco integrated_management_controller *
cisco c125_m5 -
cisco c220_m5 -
cisco c240_m5 -
cisco c480_m5 -
cisco c480_ml_m5 -
cisco integrated_management_controller *
cisco integrated_management_controller *
cisco integrated_management_controller *
cisco ucs_c220_m4 -
cisco ucs_c460_m4 -
cisco integrated_management_controller *
cisco ucs_c22_m3 -
cisco ucs_c220_m3 -
cisco ucs_c24_m3 -
cisco ucs_c240_m3 -
cisco ucs_c420_m3 -
cisco integrated_management_controller *
cisco ucs_e-series_m1 -
cisco ucs_e-series_m2 -
cisco ucs_e-series_m3 -
cisco integrated_management_controller *
cisco integrated_management_controller *
cisco ucs_s3260 -
cisco integrated_management_controller *
cisco ucs_s3160 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:enterprise_nfv_infrastructure_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A232F87-498C-4564-91FE-A09DD08FD8D6",
              "versionEndExcluding": "4.4.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:enterprise_network_compute_system_5100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C99F93F-96BC-486D-838A-0E91CCA2A506",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:enterprise_network_compute_system_5400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4748E0D1-6976-402F-8845-BDA4959B7CB8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8296D38E-D127-4EEC-9E46-11649B17FA80",
              "versionEndIncluding": "4.0\\(4l\\)",
              "versionStartIncluding": "4.0\\(1a\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:c125_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "773F05F8-CF38-4CC8-9FC8-528789073FB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c220_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5FBE2F-1920-48DC-8377-A4AD8202C123",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c240_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4570063-4744-4CF0-AC99-14693E639191",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c480_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5717A4D4-9CBB-4A7B-A974-76CABB54B2E4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c480_ml_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFB191A5-B7D8-49C3-9CE9-F5CBD506D4C8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38DCD8EC-49D3-42F5-B173-0A7292440D2C",
              "versionEndIncluding": "3.0\\(4q\\)",
              "versionStartIncluding": "3.0\\(1c\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB14CB04-F746-4223-8567-ED40E63D2B7A",
              "versionEndIncluding": "4.0\\(2l\\)",
              "versionStartIncluding": "4.0\\(1a\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "716BFD71-D434-4004-B6CE-61AC0B3F5CDE",
              "versionEndIncluding": "4.1\\(1f\\)",
              "versionStartIncluding": "4.1\\(1c\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c220_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD45BB8A-BC47-4DFB-9027-93ACF0DA302B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c460_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6B4CF9E-A757-4F4B-931A-538FC2F5331A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38DCD8EC-49D3-42F5-B173-0A7292440D2C",
              "versionEndIncluding": "3.0\\(4q\\)",
              "versionStartIncluding": "3.0\\(1c\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c22_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE87B6DD-FDE4-4484-84C7-EAF383EB6BAC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c220_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5368DBDD-B482-4705-A186-6D5B5B21B754",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c24_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9403C407-8BE9-416E-94C0-3CB6F732C592",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c240_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CB75EF7-5889-4D6F-A488-F1EB30596F9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c420_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF2C12B1-A75B-450A-BD31-53EF15F1F4A0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F24473F-4E6F-4B5D-8367-4A837D8A8CEE",
              "versionEndExcluding": "3.2.11.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_e-series_m1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0026BDC6-C453-4A83-962D-78A33726748F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_e-series_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7C917DE-E3EC-4D3C-BADD-9E4BFE374FE2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_e-series_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56324B92-6441-4EB2-AF88-12381DCC2F1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B593E934-6A3C-4500-9AEE-023E28A16A48",
              "versionEndIncluding": "4.0\\(4l\\)",
              "versionStartIncluding": "3.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "716BFD71-D434-4004-B6CE-61AC0B3F5CDE",
              "versionEndIncluding": "4.1\\(1f\\)",
              "versionStartIncluding": "4.1\\(1c\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38DCD8EC-49D3-42F5-B173-0A7292440D2C",
              "versionEndIncluding": "3.0\\(4q\\)",
              "versionStartIncluding": "3.0\\(1c\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_s3160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A7182D3-DC99-4CF2-BAFF-506AE6813D96",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the API subsystem of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to execute arbitrary code with root privileges. The vulnerabilities are due to improper boundary checks for certain user-supplied input. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the API subsystem of an affected system. When this request is processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the underlying operating system (OS)."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en el subsistema API de Cisco Integrated Management Controller (IMC), podr\u00edan permitir a un atacante remoto no autenticado ejecutar c\u00f3digo arbitrario con privilegios root.\u0026#xa0;Las vulnerabilidades son debido a comprobaciones de l\u00edmites inapropiadas para determinada entrada suministrada por el usuario.\u0026#xa0;Un atacante podr\u00eda explotar estas vulnerabilidades mediante el env\u00edo una petici\u00f3n HTTP dise\u00f1ada hacia el subsistema API de un sistema afectado.\u0026#xa0;Cuando esta petici\u00f3n es procesada, puede ocurrir una condici\u00f3n de desbordamiento de b\u00fafer explotable.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario con privilegios root en el sistema operativo subyacente (SO)"
    }
  ],
  "id": "CVE-2020-3470",
  "lastModified": "2024-11-21T05:31:08.060",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-11-18T19:15:12.540",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-api-rce-UXwpeDHd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-api-rce-UXwpeDHd"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-10-21 03:15
Modified
2024-11-21 06:11
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to cause the web-based management interface to unexpectedly restart. The vulnerability is due to insufficient input validation on the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to cause the interface to restart, resulting in a denial of service (DoS) condition.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-gui-dos-TZjrFyZhVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-gui-dos-TZjrFyZhVendor Advisory
Impacted products
Vendor Product Version
cisco unified_computing_system *
cisco unified_computing_system *
cisco ucs_c125_m5 -
cisco ucs_c22_m3 -
cisco ucs_c220_m3 -
cisco ucs_c220_m4 -
cisco ucs_c220_m5 -
cisco ucs_c225_m6 -
cisco ucs_c24_m3 -
cisco ucs_c240_m3 -
cisco ucs_c240_m5 -
cisco ucs_c240_sd_m5 -
cisco ucs_c245_m6 -
cisco ucs_c260_m2 -
cisco ucs_c3160 -
cisco ucs_c3260 -
cisco ucs_c420_m3 -
cisco ucs_c4200 -
cisco ucs_c460_m2 -
cisco ucs_c460_m4 -
cisco ucs_c480_m5 -
cisco ucs_c480_ml_m5 -
cisco ucs_c890_m5 -
cisco unified_computing_system *
cisco ucs_s3260 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A905D0-ACBA-453C-A517-CEB0D98E836C",
              "versionEndExcluding": "4.1\\(2g\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2988EA7D-D1B7-4A45-A7E1-F4CDCE8A449B",
              "versionEndExcluding": "4.2\\(1b\\)",
              "versionStartIncluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c125_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADD4A429-F168-460B-A964-8F1BD94C6387",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c22_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE87B6DD-FDE4-4484-84C7-EAF383EB6BAC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c220_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5368DBDD-B482-4705-A186-6D5B5B21B754",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c220_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD45BB8A-BC47-4DFB-9027-93ACF0DA302B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c220_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E1346-BACC-4485-9534-7C830FCFD54B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c225_m6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9C38B65-9A77-40BF-BE77-2B307A0AFC1D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c24_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9403C407-8BE9-416E-94C0-3CB6F732C592",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c240_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CB75EF7-5889-4D6F-A488-F1EB30596F9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c240_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F262ADAB-74DC-466B-983A-C49E4BAC22C0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c240_sd_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9768750-2981-4F7B-82B5-8BB64FD5AAD5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c245_m6:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B319520-A217-4070-ABAF-29DCE6EDB6D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c260_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6B63849-1831-4564-9F9C-BDBDA267E9AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c3160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E1C3AF7-DF08-494D-B3FA-001CC9114DC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c3260:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "22B85A56-2058-42C3-87EF-F9A7DD4726B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c420_m3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF2C12B1-A75B-450A-BD31-53EF15F1F4A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c4200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD25964B-08B7-477E-A507-5FE5EE7CD286",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c460_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1311C886-01AA-45DA-9479-0287C935DE91",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c460_m4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6B4CF9E-A757-4F4B-931A-538FC2F5331A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c480_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D0B0FA5-996F-4F25-8AAB-603CB46175F9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c480_ml_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E829EF2-3BFE-48CD-A0CE-8DFA20440EF7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_c890_m5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87A68188-3C0E-422A-A674-0E8BF18E7091",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unified_computing_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DAF0295-8C01-4C4D-842E-46387B239C81",
              "versionEndExcluding": "4.1\\(3e\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FDC8A69-0914-44C1-8AEA-262E0A285C81",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to cause the web-based management interface to unexpectedly restart. The vulnerability is due to insufficient input validation on the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to cause the interface to restart, resulting in a denial of service (DoS) condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Integrated Management Controller (IMC) Software podr\u00eda permitir a un atacante remoto no autenticado causar el reinicio inesperado de la interfaz de administraci\u00f3n basada en web. La vulnerabilidad es debido a que la interfaz de administraci\u00f3n basada en web no comprueba suficientemente las entradas. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n HTTP dise\u00f1ada a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar el reinicio de la interfaz, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS)"
    }
  ],
  "id": "CVE-2021-34736",
  "lastModified": "2024-11-21T06:11:04.973",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-21T03:15:06.890",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-gui-dos-TZjrFyZh"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-gui-dos-TZjrFyZh"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2021-34736
Vulnerability from cvelistv5
Published
2021-10-21 02:50
Modified
2024-11-07 21:46
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to cause the web-based management interface to unexpectedly restart. The vulnerability is due to insufficient input validation on the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to cause the interface to restart, resulting in a denial of service (DoS) condition.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-gui-dos-TZjrFyZhvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.111Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20211020 Cisco Integrated Management Controller GUI Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-gui-dos-TZjrFyZh"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34736",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:44:36.610487Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T21:46:33.524Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Unified Computing System (Managed)",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-10-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to cause the web-based management interface to unexpectedly restart. The vulnerability is due to insufficient input validation on the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to cause the interface to restart, resulting in a denial of service (DoS) condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-21T02:50:50",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20211020 Cisco Integrated Management Controller GUI Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-gui-dos-TZjrFyZh"
        }
      ],
      "source": {
        "advisory": "cisco-sa-imc-gui-dos-TZjrFyZh",
        "defect": [
          [
            "CSCvy91321"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Integrated Management Controller GUI Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-10-20T16:00:00",
          "ID": "CVE-2021-34736",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Integrated Management Controller GUI Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Unified Computing System (Managed)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to cause the web-based management interface to unexpectedly restart. The vulnerability is due to insufficient input validation on the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to cause the interface to restart, resulting in a denial of service (DoS) condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20211020 Cisco Integrated Management Controller GUI Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-gui-dos-TZjrFyZh"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-imc-gui-dos-TZjrFyZh",
          "defect": [
            [
              "CSCvy91321"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34736",
    "datePublished": "2021-10-21T02:50:50.138911Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T21:46:33.524Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-3470
Vulnerability from cvelistv5
Published
2020-11-18 17:41
Modified
2024-11-13 17:37
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the API subsystem of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to execute arbitrary code with root privileges. The vulnerabilities are due to improper boundary checks for certain user-supplied input. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the API subsystem of an affected system. When this request is processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the underlying operating system (OS).
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-api-rce-UXwpeDHdvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:54.149Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201118 Cisco Integrated Management Controller Multiple Remote Code Execution Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-api-rce-UXwpeDHd"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3470",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:10:44.002733Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:37:58.871Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Unified Computing System (Standalone)",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-11-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the API subsystem of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to execute arbitrary code with root privileges. The vulnerabilities are due to improper boundary checks for certain user-supplied input. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the API subsystem of an affected system. When this request is processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the underlying operating system (OS)."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-18T17:41:18",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201118 Cisco Integrated Management Controller Multiple Remote Code Execution Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-api-rce-UXwpeDHd"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ucs-api-rce-UXwpeDHd",
        "defect": [
          [
            "CSCvu21215",
            "CSCvu21222",
            "CSCvu22429",
            "CSCvu80203"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Integrated Management Controller Multiple Remote Code Execution Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-11-18T16:00:00",
          "ID": "CVE-2020-3470",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Integrated Management Controller Multiple Remote Code Execution Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Unified Computing System (Standalone)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the API subsystem of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to execute arbitrary code with root privileges. The vulnerabilities are due to improper boundary checks for certain user-supplied input. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the API subsystem of an affected system. When this request is processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the underlying operating system (OS)."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "9.8",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201118 Cisco Integrated Management Controller Multiple Remote Code Execution Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-api-rce-UXwpeDHd"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ucs-api-rce-UXwpeDHd",
          "defect": [
            [
              "CSCvu21215",
              "CSCvu21222",
              "CSCvu22429",
              "CSCvu80203"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3470",
    "datePublished": "2020-11-18T17:41:18.106724Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:37:58.871Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}