Authentication Bypass in Cisco Unified Computing System Web Console
CVE-2013-1182

Currently unrated

Key Information:

Vendor
Cisco
Status
Unified Computing System Infrastructure And Unified Computing System Software
Unified Computing System 6120xp Fabric Interconnect
Unified Computing System 6140xp Fabric Interconnect
Unified Computing System 6248up Fabric Interconnect
Vendor
CVE Published:
25 April 2013

Summary

The Cisco Unified Computing System’s Web Console contains a vulnerability that allows remote attackers to bypass LDAP authentication by sending a specially crafted request. This flaw affects various versions of the UCS Manager and could potentially grant unauthorized access, leading to further system exploitation or data breaches. It is crucial for administrators to apply relevant patches to mitigate this risk.

References

http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.