CVE-2013-1184

Published Apr 25, 2013

Last updated 3 months ago

CVSS info 7.8

Overview

Description: The management API in the XML API management service in the Manager component in Cisco Unified Computing System (UCS) 1.x before 1.2(1b) allows remote attackers to cause a denial of service (service outage) via a malformed request, aka Bug ID CSCtg48206.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB67F2CC-67A3-42B0-A241-3BAB8EC52AC1"
          },
          {
            "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.0\\(2k\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "097EBEF0-8228-4034-93CC-F50226633D64"
          },
          {
            "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75680C91-A1EF-4BE1-8D26-C4763E44A091"
          },
          {
            "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.1\\(1m\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44E4A6EA-FFBE-41C9-9A99-135FB9C1AD3C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "881A281B-F042-4662-973B-ECB9C536A0B8"
          },
          {
            "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.2\\(1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4CEC2A3-E00F-4DD9-A9A7-436131554733"
          },
          {
            "criteria": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.2\\(1a\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC29BA47-A40A-4666-BF60-7949406C56DC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:unified_computing_system_6120xp_fabric_interconnect:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "908F8E5E-9BC4-4682-8C25-C07DB032A18B"
          },
          {
            "criteria": "cpe:2.3:h:cisco:unified_computing_system_6140xp_fabric_interconnect:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "92F5E053-2C45-43F0-8A86-FB3C4C0B04E0"
          },
          {
            "criteria": "cpe:2.3:h:cisco:unified_computing_system_6248up_fabric_interconnect:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6584DF3-E466-49BE-B4D8-3E249B7816F7"
          },
          {
            "criteria": "cpe:2.3:h:cisco:unified_computing_system_6296up_fabric_interconnect:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18DD763C-BBA6-48EC-9CFF-A5F0DEF85756"
          },
          {
            "criteria": "cpe:2.3:h:cisco:unified_computing_system_integrated_management_controller:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96F29BD7-06E5-4149-90CB-F9733D04AFF7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References