CVE-2013-1185

The web interface in the Manager component in Cisco Unified Computing System (UCS) 1.x and 2.x before 2.0(2m) allows remote attackers to obtain sensitive information by reading a (1) technical-support bundle file or (2) on-device configuration backup, aka Bug ID CSCtq86543.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
VendorProductVersion
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.0
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.0\(2k\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.1
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.1\(1m\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.2
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.2\(1\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.2\(1a\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.2\(1d\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1c\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1m\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1n\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1o\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1p\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1q\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1t\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1w\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1y\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(1j\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(1m\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(3i\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(3l\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(3m\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(3q\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(3s\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(3u\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(3y\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(4f\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(4g\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(4i\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(4j\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(4k\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
2.0\(1q\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
2.0\(1s\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
2.0\(1t\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
2.0\(1w\)
ciscounified_computing_system_6120xp_fabric_interconnect
-
ciscounified_computing_system_6140xp_fabric_interconnect
-
ciscounified_computing_system_6248up_fabric_interconnect
-
ciscounified_computing_system_6296up_fabric_interconnect
-
ciscounified_computing_system_integrated_management_controller
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti