Описание
The web framework in Cisco Unified Computing System (UCS) Performance Manager 2.0.0 and earlier allows remote authenticated users to execute arbitrary commands via crafted parameters in a GET request, aka Bug ID CSCuy07827.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cisco:unified_computing_system_performance_manager:1.0_base:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_computing_system_performance_manager:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_computing_system_performance_manager:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_computing_system_performance_manager:2.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.0084
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
The web framework in Cisco Unified Computing System (UCS) Performance Manager 2.0.0 and earlier allows remote authenticated users to execute arbitrary commands via crafted parameters in a GET request, aka Bug ID CSCuy07827.
EPSS
Процентиль: 74%
0.0084
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-20