Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Encs_5100_firmware
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-08-16 | CVE-2023-20228 | A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code... | Encs_5100_firmware, Encs_5400_firmware, Ucs\-E1120d\-M3_firmware, Ucs_c220_m5_rack_server_firmware, Ucs_e160s_m3_firmware, Ucs_e180d_m3_firmware | 6.1 | ||
| 2021-05-06 | CVE-2021-1397 | A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. This vulnerability... | C125_m5_firmware, C220_m5_firmware, C220_m6_firmware, C225_m6_firmware, C240_m5_firmware, C240_m6_firmware, C245_m6_firmware, C480_m5_firmware, C480_ml_m5_firmware, Encs_5100_firmware, Encs_5400_firmware, Integrated_management_controller, Ucs\-E1120d\-M3_firmware, Ucs\-E140d_firmware, Ucs\-E140dp_firmware, Ucs\-E140s\-M1_firmware, Ucs\-E140s\-M2_firmware, Ucs\-E140s_firmware, Ucs\-E160d_firmware, Ucs\-E160dp\-M1_firmware, Ucs\-E160s\-M3_firmware, Ucs\-E180d\-M2_firmware, Ucs\-E180d\-M3_firmware, Ucs_manager, Ucs_s3260_firmware | 6.1 | ||
| 2019-05-13 | CVE-2019-1649 | A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the... | 15454\-M\-Wse\-K9_firmware, Analog_voice_network_interface_modules_firmware, Asa_5500_firmware, Asr_1000_series_firmware, Asr_1001_firmware, Catalyst_9800\-40_wireless_controller_firmware, Catalyst_9800\-80_wireless_controller_firmware, Encs_5100_firmware, Encs_5400_firmware, Firepower_2100_firmware, Firepower_4000_firmware, Firepower_9000_firmware, Ic3000\-K9_firmware, Industrial_security_appliances_3000_firmware, Integrated_services_router_4200_firmware, Integrated_services_router_4300_firmware, Integrated_services_router_4400_firmware, Integrated_services_router_t1\/e1_voice_and_wan_network_interface_modules_firmware, Ios, Ios_xe, Ios_xr, Ncs2k\-Mr\-Mxp\-K9_firmware, Nx\-Os, Ons_15454_mstp_firmware, Sm\-X\-1t3\/e3_firmware, Supervisor_a\+_firmware, Supervisor_b\+_firmware | 6.7 |