Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Role-Based Access Control Vulnerability
Vulnerability Description
A vulnerability in role-based access control of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow a read-only authenticated, remote attacker to disable user accounts on an affected system. The vulnerability is due to incorrect allocation of the enable/disable action button under the role-based access control code on an affected system. An attacker could exploit this vulnerability by authenticating as a read-only user and then updating the roles of other users to disable them. A successful exploit could allow the attacker to disable users, including administrative users.
CVSS Information
N/A
Vulnerability Type
访问控制不恰当
Vulnerability Title
思科 Cisco UCS Director Express for Big Data 安全漏洞
Vulnerability Description
Cisco UCS Director Express for Big Data是美国思科(Cisco)公司的一套针对大数据集群的基础架构统一管理平台。 Cisco IMC Supervisor、Cisco UCS Director和Cisco UCS Director Express for Big Data中存在安全漏洞。远程攻击者可利用该漏洞执行非法的操作。以下产品及版本受到影响:IMC Supervisor 1.1.0.0及之后版本(2.2.1.3版本已修复);UCS Director 5.4.0.
CVSS Information
N/A
Vulnerability Type
N/A