CVE-2013-1186

Cisco Unified Computing System (UCS) 1.x before 1.4(4) and 2.x before 2.0(2m) allows remote attackers to bypass KVM authentication via a crafted authentication request to a Cisco Integrated Management Controller (IMC), aka Bug ID CSCts53746.

Published: Apr 25, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-1186
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.0	1.0.x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.0(2k)	1.0(2k).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.1	1.1.x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.1(1m)	1.1(1m).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.2	1.2.x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.2(1)	1.2(1).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.2(1a)	1.2(1a).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.2(1d)	1.2(1d).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.3(1c)	1.3(1c).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.3(1m)	1.3(1m).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.3(1n)	1.3(1n).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.3(1o)	1.3(1o).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.3(1p)	1.3(1p).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.3(1q)	1.3(1q).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.3(1t)	1.3(1t).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.3(1w)	1.3(1w).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.3(1y)	1.3(1y).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.4(1j)	1.4(1j).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.4(1m)	1.4(1m).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.4(3i)	1.4(3i).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.4(3l)	1.4(3l).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.4(3m)	1.4(3m).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.4(3q)	1.4(3q).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.4(3s)	1.4(3s).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.4(3u)	1.4(3u).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	1.4(3y)	1.4(3y).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	2.0(1q)	2.0(1q).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	2.0(1s)	2.0(1s).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	2.0(1t)	2.0(1t).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	2.0(1w)	2.0(1w).x
cisco / unified_computing_system_infrastructure_and_unified_computing_system_software	2.0(1x)	2.0(1x).x

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti

Vulnerability Database

289,599

CVE-2013-1186