cvelistv5 - CVE-2013-1182

CVE-2013-1182

Vulnerability from cvelistv5

Published

2013-04-25 10:00

Modified

2024-09-16 22:25

Severity ?

Summary

References

▼	URL	Tags
	ykramarz@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti	Vendor Advisory

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:49:20.782Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20130424 Multiple Vulnerabilities in Cisco Unified Computing System",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-04-25T10:00:00Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20130424 Multiple Vulnerabilities in Cisco Unified Computing System",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2013-1182",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20130424 Multiple Vulnerabilities in Cisco Unified Computing System",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2013-1182",
    "datePublished": "2013-04-25T10:00:00Z",
    "dateReserved": "2013-01-11T00:00:00Z",
    "dateUpdated": "2024-09-16T22:25:30.664Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0\", \"matchCriteriaId\": \"2D750A18-D9BA-4AA4-8DA5-CB38F0430996\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75680C91-A1EF-4BE1-8D26-C4763E44A091\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1c\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E8C881B-CAAC-40AB-A9BF-93495BAFE56F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1m\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"20C079CC-34E2-4C8D-ABC9-6D76F4A22D73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1n\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2FDBA01-AE8E-4B06-9A4E-71CB16D3C592\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1o\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"765CC42E-FAC8-43D6-9B40-B8CF7272C4FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1p\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C0806ED-7F9C-4166-B47A-0381C215FF2D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1q\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"76367743-6762-4C70-AFD7-4848E2FE3F61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1t\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4857DF36-804A-4B2B-B2AA-37E8A0036F65\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1w\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B18FB5A-F569-413C-BA09-58C28EF9316C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1y\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41EC377E-7DAD-4E6C-AC3F-215B6EAB05D6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:unified_computing_system_6120xp_fabric_interconnect:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"908F8E5E-9BC4-4682-8C25-C07DB032A18B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:unified_computing_system_6140xp_fabric_interconnect:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92F5E053-2C45-43F0-8A86-FB3C4C0B04E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:unified_computing_system_6248up_fabric_interconnect:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6584DF3-E466-49BE-B4D8-3E249B7816F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:unified_computing_system_6296up_fabric_interconnect:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"18DD763C-BBA6-48EC-9CFF-A5F0DEF85756\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:unified_computing_system_integrated_management_controller:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"96F29BD7-06E5-4149-90CB-F9733D04AFF7\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207.\"}, {\"lang\": \"es\", \"value\": \"La p\\u00e1gina de inicio de sesi\\u00f3n en la consola Web en el componente Administrador de Cisco Unified Computing System (UCS), antes de v1.0(2h) v1.1 antes de v1.1(1j), y v1.3(x), permite a atacantes remotos evitar la autenticaci\\u00f3n LDAP a trav\\u00e9s de una solicitud mal formada, tambi\\u00e9n conocido como Bug ID CSCtc91207.\"}]",
      "id": "CVE-2013-1182",
      "lastModified": "2024-11-21T01:49:03.947",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-04-25T10:55:01.683",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-1182\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2013-04-25T10:55:01.683\",\"lastModified\":\"2024-11-21T01:49:03.947\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207.\"},{\"lang\":\"es\",\"value\":\"La p\u00e1gina de inicio de sesi\u00f3n en la consola Web en el componente Administrador de Cisco Unified Computing System (UCS), antes de v1.0(2h) v1.1 antes de v1.1(1j), y v1.3(x), permite a atacantes remotos evitar la autenticaci\u00f3n LDAP a trav\u00e9s de una solicitud mal formada, tambi\u00e9n conocido como Bug ID CSCtc91207.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0\",\"matchCriteriaId\":\"2D750A18-D9BA-4AA4-8DA5-CB38F0430996\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75680C91-A1EF-4BE1-8D26-C4763E44A091\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1c\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E8C881B-CAAC-40AB-A9BF-93495BAFE56F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1m\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20C079CC-34E2-4C8D-ABC9-6D76F4A22D73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1n\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2FDBA01-AE8E-4B06-9A4E-71CB16D3C592\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1o\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"765CC42E-FAC8-43D6-9B40-B8CF7272C4FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1p\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C0806ED-7F9C-4166-B47A-0381C215FF2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1q\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76367743-6762-4C70-AFD7-4848E2FE3F61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1t\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4857DF36-804A-4B2B-B2AA-37E8A0036F65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1w\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B18FB5A-F569-413C-BA09-58C28EF9316C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\\\(1y\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41EC377E-7DAD-4E6C-AC3F-215B6EAB05D6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:unified_computing_system_6120xp_fabric_interconnect:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"908F8E5E-9BC4-4682-8C25-C07DB032A18B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:unified_computing_system_6140xp_fabric_interconnect:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92F5E053-2C45-43F0-8A86-FB3C4C0B04E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:unified_computing_system_6248up_fabric_interconnect:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6584DF3-E466-49BE-B4D8-3E249B7816F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:unified_computing_system_6296up_fabric_interconnect:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18DD763C-BBA6-48EC-9CFF-A5F0DEF85756\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:unified_computing_system_integrated_management_controller:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96F29BD7-06E5-4149-90CB-F9733D04AFF7\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

ghsa-r276-g96q-g9m3

Vulnerability from github

Published

2022-05-17 05:11

Modified

2022-05-17 05:11

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-1182"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-04-25T10:55:00Z",
    "severity": "HIGH"
  },
  "details": "The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207.",
  "id": "GHSA-r276-g96q-g9m3",
  "modified": "2022-05-17T05:11:14Z",
  "published": "2022-05-17T05:11:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1182"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2013-1182

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2013-1182

Aliases

CVE-2013-1182

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-1182",
    "description": "The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207.",
    "id": "GSD-2013-1182"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-1182"
      ],
      "details": "The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207.",
      "id": "GSD-2013-1182",
      "modified": "2023-12-13T01:22:20.102033Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2013-1182",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20130424 Multiple Vulnerabilities in Cisco Unified Computing System",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1q\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1p\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1o\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1n\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1y\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1t\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1m\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1w\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1c\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system_6296up_fabric_interconnect:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system_6140xp_fabric_interconnect:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system_6120xp_fabric_interconnect:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system_integrated_management_controller:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system_6248up_fabric_interconnect:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2013-1182"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20130424 Multiple Vulnerabilities in Cisco Unified Computing System",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-04-25T10:55Z",
      "publishedDate": "2013-04-25T10:55Z"
    }
  }
}

The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207. Cisco Unified Computing System is prone to a remote authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism and impersonate other users of the system. This may lead to further attacks. This issue is tracked by Cisco Bug ID CSCtc91207. The system integrates network, computing and virtualization resources into one platform by extensively adopting virtualization technology

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201304-0265",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "unified computing system infrastructure and unified computing system software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "1.3\\(1t\\)"
      },
      {
        "model": "unified computing system infrastructure and unified computing system software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "1.3\\(1n\\)"
      },
      {
        "model": "unified computing system infrastructure and unified computing system software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "1.3\\(1o\\)"
      },
      {
        "model": "unified computing system infrastructure and unified computing system software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "1.3\\(1p\\)"
      },
      {
        "model": "unified computing system infrastructure and unified computing system software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "1.3\\(1q\\)"
      },
      {
        "model": "unified computing system infrastructure and unified computing system software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "1.3\\(1m\\)"
      },
      {
        "model": "unified computing system infrastructure and unified computing system software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "1.3\\(1y\\)"
      },
      {
        "model": "unified computing system infrastructure and unified computing system software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "1.3\\(1c\\)"
      },
      {
        "model": "unified computing system infrastructure and unified computing system software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "1.1"
      },
      {
        "model": "unified computing system integrated management controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified computing system 6248up fabric interconnect",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified computing system 6296up fabric interconnect",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified computing system 6120xp fabric interconnect",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified computing system infrastructure and unified computing system software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "1.3\\(1w\\)"
      },
      {
        "model": "unified computing system infrastructure and unified computing system software",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "1.0"
      },
      {
        "model": "unified computing system 6140xp fabric interconnect",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ucs 6248up 48 port fabric interconnect",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ucs infrastructure and ucs manager software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "1.3(x)"
      },
      {
        "model": "ucs integrated management controller",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ucs infrastructure and ucs manager software",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "1.1"
      },
      {
        "model": "ucs 6120xp-20 port fabric interconnect",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ucs infrastructure and ucs manager software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "1.1(1j)"
      },
      {
        "model": "ucs 6140xp-40 port fabric interconnect",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ucs 6296up 96 port fabric interconnect",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified computing system infrastructure and unified computing system software",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "1.0"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002472"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-1182"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-530"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1q\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1p\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1o\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1n\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1y\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1t\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1m\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1w\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1c\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system_6296up_fabric_interconnect:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system_6140xp_fabric_interconnect:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system_6120xp_fabric_interconnect:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system_integrated_management_controller:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system_6248up_fabric_interconnect:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-1182"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "59451"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-530"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2013-1182",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.3,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2013-1182",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-61184",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2013-1182",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201304-530",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-61184",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-61184"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002472"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-1182"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-530"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207. Cisco Unified Computing System is prone to a remote authentication-bypass vulnerability. \nAn attacker can exploit this issue to bypass the authentication  mechanism and impersonate other users of the system. This may lead to further attacks. \nThis issue is tracked by Cisco Bug ID CSCtc91207. The system integrates network, computing and virtualization resources into one platform by extensively adopting virtualization technology",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-1182"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002472"
      },
      {
        "db": "BID",
        "id": "59451"
      },
      {
        "db": "VULHUB",
        "id": "VHN-61184"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-1182",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "59451",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002472",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-530",
        "trust": 0.7
      },
      {
        "db": "CISCO",
        "id": "20130424 MULTIPLE VULNERABILITIES IN CISCO UNIFIED COMPUTING SYSTEM",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "53188",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-61184",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-61184"
      },
      {
        "db": "BID",
        "id": "59451"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002472"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-1182"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-530"
      }
    ]
  },
  "id": "VAR-201304-0265",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-61184"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:09:34.937000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20130424-ucsmulti",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130424-ucsmulti"
      },
      {
        "title": "29028",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=29028"
      },
      {
        "title": "cisco-sa-20130424-ucsmulti",
        "trust": 0.8,
        "url": "http://www.cisco.com/cisco/web/support/jp/111/1117/1117911_cisco-sa-20130424-ucsmulti-j.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002472"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-61184"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002472"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-1182"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130424-ucsmulti"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1182"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1182"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/53188"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/59451"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-61184"
      },
      {
        "db": "BID",
        "id": "59451"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002472"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-1182"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-530"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-61184"
      },
      {
        "db": "BID",
        "id": "59451"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002472"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-1182"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-530"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-04-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-61184"
      },
      {
        "date": "2013-04-24T00:00:00",
        "db": "BID",
        "id": "59451"
      },
      {
        "date": "2013-04-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-002472"
      },
      {
        "date": "2013-04-25T10:55:01.683000",
        "db": "NVD",
        "id": "CVE-2013-1182"
      },
      {
        "date": "2013-04-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201304-530"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-04-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-61184"
      },
      {
        "date": "2013-04-24T00:00:00",
        "db": "BID",
        "id": "59451"
      },
      {
        "date": "2013-05-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-002472"
      },
      {
        "date": "2013-04-25T10:55:01.683000",
        "db": "NVD",
        "id": "CVE-2013-1182"
      },
      {
        "date": "2013-05-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201304-530"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-530"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco UCS of  Manager Component  Web In the console  LDAP Vulnerability that bypasses authentication",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002472"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-530"
      }
    ],
    "trust": 0.6
  }
}

CVE-2013-1182

Vulnerability from fkie_nvd

Published

2013-04-25 10:55

Modified

2024-11-21 01:49

Severity ?

Summary

References

▼	URL	Tags
	ykramarz@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	unified_computing_system_infrastructure_and_unified_computing_system_software	*
cisco	unified_computing_system_infrastructure_and_unified_computing_system_software	1.1
cisco	unified_computing_system_infrastructure_and_unified_computing_system_software	1.3\(1c\)
cisco	unified_computing_system_infrastructure_and_unified_computing_system_software	1.3\(1m\)
cisco	unified_computing_system_infrastructure_and_unified_computing_system_software	1.3\(1n\)
cisco	unified_computing_system_infrastructure_and_unified_computing_system_software	1.3\(1o\)
cisco	unified_computing_system_infrastructure_and_unified_computing_system_software	1.3\(1p\)
cisco	unified_computing_system_infrastructure_and_unified_computing_system_software	1.3\(1q\)
cisco	unified_computing_system_infrastructure_and_unified_computing_system_software	1.3\(1t\)
cisco	unified_computing_system_infrastructure_and_unified_computing_system_software	1.3\(1w\)
cisco	unified_computing_system_infrastructure_and_unified_computing_system_software	1.3\(1y\)
cisco	unified_computing_system_6120xp_fabric_interconnect	-
cisco	unified_computing_system_6140xp_fabric_interconnect	-
cisco	unified_computing_system_6248up_fabric_interconnect	-
cisco	unified_computing_system_6296up_fabric_interconnect	-
cisco	unified_computing_system_integrated_management_controller	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D750A18-D9BA-4AA4-8DA5-CB38F0430996",
              "versionEndIncluding": "1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75680C91-A1EF-4BE1-8D26-C4763E44A091",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1c\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2E8C881B-CAAC-40AB-A9BF-93495BAFE56F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1m\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "20C079CC-34E2-4C8D-ABC9-6D76F4A22D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1n\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F2FDBA01-AE8E-4B06-9A4E-71CB16D3C592",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1o\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "765CC42E-FAC8-43D6-9B40-B8CF7272C4FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1p\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9C0806ED-7F9C-4166-B47A-0381C215FF2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1q\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "76367743-6762-4C70-AFD7-4848E2FE3F61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1t\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4857DF36-804A-4B2B-B2AA-37E8A0036F65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1w\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3B18FB5A-F569-413C-BA09-58C28EF9316C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1y\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "41EC377E-7DAD-4E6C-AC3F-215B6EAB05D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_computing_system_6120xp_fabric_interconnect:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "908F8E5E-9BC4-4682-8C25-C07DB032A18B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_computing_system_6140xp_fabric_interconnect:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F5E053-2C45-43F0-8A86-FB3C4C0B04E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_computing_system_6248up_fabric_interconnect:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6584DF3-E466-49BE-B4D8-3E249B7816F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_computing_system_6296up_fabric_interconnect:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18DD763C-BBA6-48EC-9CFF-A5F0DEF85756",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_computing_system_integrated_management_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "96F29BD7-06E5-4149-90CB-F9733D04AFF7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207."
    },
    {
      "lang": "es",
      "value": "La p\u00e1gina de inicio de sesi\u00f3n en la consola Web en el componente Administrador de Cisco Unified Computing System (UCS), antes de v1.0(2h) v1.1 antes de v1.1(1j), y v1.3(x), permite a atacantes remotos evitar la autenticaci\u00f3n LDAP a trav\u00e9s de una solicitud mal formada, tambi\u00e9n conocido como Bug ID CSCtc91207."
    }
  ],
  "id": "CVE-2013-1182",
  "lastModified": "2024-11-21T01:49:03.947",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-04-25T10:55:01.683",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2013-1182

Vulnerability from cvelistv5

ghsa-r276-g96q-g9m3

Vulnerability from github

gsd-2013-1182

Vulnerability from gsd

var-201304-0265

Vulnerability from variot

CVE-2013-1182

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature