Description
The web interface in the Manager component in Cisco Unified Computing System (UCS) 1.x and 2.x before 2.0(2m) allows remote attackers to obtain sensitive information by reading a (1) technical-support bundle file or (2) on-device configuration backup, aka Bug ID CSCtq86543.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti
Scores
EPSS
0.0185
EPSS Percentile
76.5%
Details
CWE
CWE-200
Status
published
Products (40)
cisco/unified_computing_system_6120xp_fabric_interconnect
cisco/unified_computing_system_6140xp_fabric_interconnect
cisco/unified_computing_system_6248up_fabric_interconnect
cisco/unified_computing_system_6296up_fabric_interconnect
cisco/unified_computing_system_infrastructure_and_unified_computing_system_software
1.0
cisco/unified_computing_system_infrastructure_and_unified_computing_system_software
1.0\(2k\)
cisco/unified_computing_system_infrastructure_and_unified_computing_system_software
1.1
cisco/unified_computing_system_infrastructure_and_unified_computing_system_software
1.1\(1m\)
cisco/unified_computing_system_infrastructure_and_unified_computing_system_software
1.2
cisco/unified_computing_system_infrastructure_and_unified_computing_system_software
1.2\(1\)
... and 30 more
Published
Apr 25, 2013
Tracked Since
Feb 18, 2026