CVE-2013-1182
Published Apr 25, 2013
Last updated 12 years ago
Overview
- Description
- The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D750A18-D9BA-4AA4-8DA5-CB38F0430996",
"versionEndIncluding": "1.0"
},
{
"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75680C91-A1EF-4BE1-8D26-C4763E44A091"
},
{
"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1c\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2E8C881B-CAAC-40AB-A9BF-93495BAFE56F"
},
{
"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1m\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20C079CC-34E2-4C8D-ABC9-6D76F4A22D73"
},
{
"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1n\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2FDBA01-AE8E-4B06-9A4E-71CB16D3C592"
},
{
"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1o\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "765CC42E-FAC8-43D6-9B40-B8CF7272C4FA"
},
{
"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1p\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C0806ED-7F9C-4166-B47A-0381C215FF2D"
},
{
"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1q\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "76367743-6762-4C70-AFD7-4848E2FE3F61"
},
{
"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1t\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4857DF36-804A-4B2B-B2AA-37E8A0036F65"
},
{
"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1w\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B18FB5A-F569-413C-BA09-58C28EF9316C"
},
{
"criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.3\\(1y\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "41EC377E-7DAD-4E6C-AC3F-215B6EAB05D6"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_computing_system_6120xp_fabric_interconnect:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "908F8E5E-9BC4-4682-8C25-C07DB032A18B"
},
{
"criteria": "cpe:2.3:h:cisco:unified_computing_system_6140xp_fabric_interconnect:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92F5E053-2C45-43F0-8A86-FB3C4C0B04E0"
},
{
"criteria": "cpe:2.3:h:cisco:unified_computing_system_6248up_fabric_interconnect:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6584DF3-E466-49BE-B4D8-3E249B7816F7"
},
{
"criteria": "cpe:2.3:h:cisco:unified_computing_system_6296up_fabric_interconnect:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18DD763C-BBA6-48EC-9CFF-A5F0DEF85756"
},
{
"criteria": "cpe:2.3:h:cisco:unified_computing_system_integrated_management_controller:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96F29BD7-06E5-4149-90CB-F9733D04AFF7"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]