exploitDog

CVE-2012-4116

Опубликовано: 19 окт. 2013

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM media traffic, which allows remote attackers to obtain sensitive information, and consequently complete the authentication process for a server connection, by sniffing the network, aka Bug ID CSCtr72970.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4116
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4116
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:h:cisco:unified_computing_system:-:*:*:*:*:*:*:*

EPSS

Процентиль: 50%

0.00265

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-hp24-h2rp-pfgx

github

больше 3 лет назад

The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM media traffic, which allows remote attackers to obtain sensitive information, and consequently complete the authentication process for a server connection, by sniffing the network, aka Bug ID CSCtr72970.

EPSS

Процентиль: 50%

0.00265

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-200