GCVE - cpe:2.3:a:n/a:cisco_ucs_central_software:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:cisco_ucs_central_software:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Cisco Ucs Central Software (`fee38efd-b015-5617-8157-94bf310d2f6a`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2018-0094`	vulnerable	2026-06-08 05:10:21.047388	Details available A vulnerability in IPv6 ingress packet processing for Cisco UCS Central Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high CPU utilization on the targeted device. The vulnerability is due to insufficient rate limiting protection for IPv6 ingress traffic. An attacker could exploit this vulnerability by sending the affected device a high rate of IPv6 packets. Successful exploitation could allow the attacker to cause a DoS condition due to CPU and resource constraints. Cisco Bug IDs: CSCuv34544. Published: 2018-01-18T06:00:00.000Z Updated: 2024-12-02T21:44:36.841Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id/1040249 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-ucs http://www.securityfocus.com/bid/102787	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-12349`	vulnerable	2026-06-08 05:08:46.733629	Details available Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected interface or hijack a valid session ID from a user of the affected interface. Cisco Bug IDs: CSCvf71978, CSCvf71986. Published: 2017-11-30T09:00:00.000Z Updated: 2024-08-05T18:36:56.088Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/102018 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-ucs-central http://www.securitytracker.com/id/1039924	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-12348`	vulnerable	2026-06-08 05:08:46.731917	Details available Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected interface or hijack a valid session ID from a user of the affected interface. Cisco Bug IDs: CSCvf71978, CSCvf71986. Published: 2017-11-30T09:00:00.000Z Updated: 2024-08-05T18:36:55.885Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/102018 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-ucs-central http://www.securitytracker.com/id/1039924	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-12255`	vulnerable	2026-06-08 05:08:46.361759	Details available A vulnerability in the CLI of Cisco UCS Central Software could allow an authenticated, local attacker to gain shell access. The vulnerability is due to insufficient input validation of commands entered in the CLI, aka a Restricted Shell Break Vulnerability. An attacker could exploit this vulnerability by entering a specific command with crafted arguments. An exploit could allow the attacker to gain shell access to the underlying system. Cisco Bug IDs: CSCve70762. Published: 2017-09-21T05:00:00.000Z Updated: 2024-08-05T18:28:16.789Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/100932 http://www.securitytracker.com/id/1039412 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-ucs	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.