Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple Cisco UCS-Based Products UEFI Secure Boot Bypass Vulnerability
Vulnerability Description
A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation checks and load a compromised software image on an affected device. The vulnerability is due to improper validation of the server firmware upgrade images. An attacker could exploit this vulnerability by installing a server firmware version that would allow the attacker to disable UEFI Secure Boot. A successful exploit could allow the attacker to bypass the signature validation checks that are done by UEFI Secure Boot technology and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco.
CVSS Information
N/A
Vulnerability Type
密码学签名的验证不恰当
Vulnerability Title
Cisco UCS C-Series Rack Servers 数据伪造问题漏洞
Vulnerability Description
Cisco UCS C-Series是美国思科(Cisco)公司的一款C系列机架式服务器。 Cisco UCS C-Series Rack Servers中的固件存在数据伪造漏洞,该漏洞源于程序无法正确验证服务器固件更新镜像。攻击者可利用该漏洞利用该漏洞绕过签名验证检查并加载未被Cisco签名的软件镜像。以下产品及版本受到影响:Firepower Management Center (FMC) 1000;Firepower Management Center (FMC) 2500;Firepower Ma
CVSS Information
N/A
Vulnerability Type
N/A