exploitDog

CVE-2012-4074

Опубликовано: 20 сент. 2013

Источник: nvd

CVSS2: 5.8

EPSS Низкий

Описание

The Board Management Controller (BMC) in the Serial over LAN (SoL) subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded private key, which allows man-in-the-middle attackers to obtain sensitive information or modify the data stream by leveraging knowledge of this key, aka Bug ID CSCte90338.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4074
Vendor Advisory
http://www.securitytracker.com/id/1029073
Third Party Advisory
VDB Entry
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4074
Vendor Advisory
http://www.securitytracker.com/id/1029073
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:h:cisco:unified_computing_system:-:*:*:*:*:*:*:*

EPSS

Процентиль: 55%

0.00327

Низкий

5.8 Medium

CVSS2

Дефекты

CWE-255

Связанные уязвимости

GHSA-fmxm-7xp6-gq38

github

больше 3 лет назад

The Board Management Controller (BMC) in the Serial over LAN (SoL) subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded private key, which allows man-in-the-middle attackers to obtain sensitive information or modify the data stream by leveraging knowledge of this key, aka Bug ID CSCte90338.

EPSS

Процентиль: 55%

0.00327

Низкий

5.8 Medium

CVSS2

Дефекты

CWE-255