Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ucs\-E1120d\-M3_firmware
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-08-16 | CVE-2023-20228 | A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code... | Encs_5100_firmware, Encs_5400_firmware, Ucs\-E1120d\-M3_firmware, Ucs_c220_m5_rack_server_firmware, Ucs_e160s_m3_firmware, Ucs_e180d_m3_firmware | 6.1 | ||
| 2021-05-06 | CVE-2021-1397 | A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. This vulnerability... | C125_m5_firmware, C220_m5_firmware, C220_m6_firmware, C225_m6_firmware, C240_m5_firmware, C240_m6_firmware, C245_m6_firmware, C480_m5_firmware, C480_ml_m5_firmware, Encs_5100_firmware, Encs_5400_firmware, Integrated_management_controller, Ucs\-E1120d\-M3_firmware, Ucs\-E140d_firmware, Ucs\-E140dp_firmware, Ucs\-E140s\-M1_firmware, Ucs\-E140s\-M2_firmware, Ucs\-E140s_firmware, Ucs\-E160d_firmware, Ucs\-E160dp\-M1_firmware, Ucs\-E160s\-M3_firmware, Ucs\-E180d\-M2_firmware, Ucs\-E180d\-M3_firmware, Ucs_manager, Ucs_s3260_firmware | 6.1 | ||
| 2018-06-21 | CVE-2018-0362 | A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing (UCS) E-Series Servers could allow an unauthenticated, local attacker to bypass the BIOS authentication and execute actions as an unprivileged user. The vulnerability is due to improper security restrictions that are imposed by the affected system. An attacker could exploit this vulnerability by submitting an empty password value to an affected device's BIOS... | 5100_enterprise_network_compute_system_firmware, 5400_enterprise_network_compute_system_firmware, Ucs\-E1120d\-K9_firmware, Ucs\-E1120d\-M3_firmware, Ucs\-E140d\-K9_firmware, Ucs\-E140d\-M1_firmware, Ucs\-E140dp\-K9_firmware, Ucs\-E140dp\-M1_firmware, Ucs\-E140s\-K9_firmware, Ucs\-E140s\-M1_firmware, Ucs\-E140s\-M2_firmware, Ucs\-E160d\-K9_firmware, Ucs\-E160d\-M1_firmware, Ucs\-E160d\-M2_firmware, Ucs\-E160dp\-K9_firmware, Ucs\-E160dp\-M1_firmware, Ucs\-E160s\-K9_firmware, Ucs\-E160s\-M3_firmware, Ucs\-E180d\-K9_firmware, Ucs\-E180d\-M2_firmware, Ucs\-E180d\-M3_firmware | 4.3 |