Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data
CVE-2020-3251

9.8CRITICAL

Key Information:

Vendor: Cisco
Status: Cisco Ucs Director
Vendor: CVE Published:; 15 April 2020

Badges

👾 Exploit Exists

Summary

Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Affected Version(s)

Cisco UCS Director

References

https://tools.cisco.com/security/center/content/CiscoSecu...

vendor-advisoryx_refsource_CISCO

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Aug 4, 2024
Vulnerability published
Apr 15, 2020
Vulnerability Reserved
Dec 12, 2019