CVE-2013-1186

Cisco Unified Computing System (UCS) 1.x before 1.4(4) and 2.x before 2.0(2m) allows remote attackers to bypass KVM authentication via a crafted authentication request to a Cisco Integrated Management Controller (IMC), aka Bug ID CSCts53746.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 46%
VendorProductVersion
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.0
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.0\(2k\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.1
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.1\(1m\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.2
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.2\(1\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.2\(1a\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.2\(1d\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1c\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1m\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1n\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1o\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1p\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1q\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1t\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1w\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.3\(1y\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(1j\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(1m\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(3i\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(3l\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(3m\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(3q\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(3s\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(3u\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
1.4\(3y\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
2.0\(1q\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
2.0\(1s\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
2.0\(1t\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
2.0\(1w\)
ciscounified_computing_system_infrastructure_and_unified_computing_system_software
2.0\(1x\)
ciscounified_computing_system_6120xp_fabric_interconnect
-
ciscounified_computing_system_6140xp_fabric_interconnect
-
ciscounified_computing_system_6248up_fabric_interconnect
-
ciscounified_computing_system_6296up_fabric_interconnect
-
ciscounified_computing_system_integrated_management_controller
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti