Sensitive Information Disclosure in Cisco Unified Computing System
CVE-2013-1185

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Computing System Infrastructure And Unified Computing System Software; Unified Computing System 6120xp Fabric Interconnect; Unified Computing System 6140xp Fabric Interconnect; Unified Computing System 6248up Fabric Interconnect
Vendor: CVE Published:; 25 April 2013

Summary

The web interface of Cisco Unified Computing System (UCS) in versions 1.x and 2.x prior to 2.0(2m) is susceptible to a vulnerability that enables remote attackers to access sensitive data. This occurs through the exploitation of the Manager component, allowing unauthorized reading of technical support bundle files and on-device configuration backups, potentially exposing critical information and compromising system integrity.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Apr 25, 2013