CVE-2012-4078

Cisco Unified Computing System - Authentication Bypass via SSH Port Forwarding

Title source: llm

Description

The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) does not properly handle SSH escape sequences, which allows remote authenticated users to bypass an unspecified authentication step via SSH port forwarding, aka Bug ID CSCtg17656.

References (3)

Core 3

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4078

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/87367

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1029084

Scores

EPSS 0.0354

EPSS Percentile 87.8%

Details

CWE

CWE-287

Status published

Products (4)

cisco/unified_computing_system 1.0\(2k\)

cisco/unified_computing_system 1.0_base

cisco/unified_computing_system 1.1\(1m\)

cisco/unified_computing_system 1.1_base

Published Sep 24, 2013

Tracked Since Feb 18, 2026