A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a missing authentication check in an API call. An attacker who can send a request to an affected system could cause all currently authenticated users to be logged off. Repeated exploitation could cause the inability to maintain a session in the web-based management portal.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-ucs-imc-dos | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: cisco
Published: 2019-08-21T00:00:00
Updated: 2019-08-21T18:05:15
Reserved: 2019-06-04T00:00:00
Link: CVE-2019-12634
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-08-21T19:15:13.387
Modified: 2020-10-08T14:37:29.817
Link: CVE-2019-12634
JSON object: View
Redhat Information
No data.