CyberSec.Space Logo
Back to CVE Browser

CVE-2012-4092

MEDIUM
5.8
CVSS Severity Score
EPSS Score0.1270%
EPSS Percentile22.14th
PublishedSep 26, 2013
Last ModifiedApr 29, 2026

Vulnerability Description

The management interface in the Central Software component in Cisco Unified Computing System (UCS) does not properly validate the identity of vCenter consoles, which allows man-in-the-middle attackers to read or modify an inter-device data stream by spoofing an identity, aka Bug ID CSCtk00683.

Affected Platforms (CPE)

πŸ”Œ
Cisco

Unified Computing System

All versions

References & Advisories

πŸ”— http://secunia.com/advisories/55034
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4092
πŸ”— http://secunia.com/advisories/55034
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4092

Related Vulnerabilities

CVE-2013-118310.0

Buffer overflow in the Intelligent Platform Management Interface (IPMI) functionality in the Manager component in Cisco Unified Co...

CVE-2018-02389.9

A vulnerability in the role-based resource checking functionality of the Cisco Unified Computing System (UCS) Director could allow...

CVE-2018-154279.8

A vulnerability in Cisco Video Surveillance Manager (VSM) Software running on certain Cisco Connected Safety and Security Unified ...

CVE-2015-64359.8

An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System (UCS) Manager b...