Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E | Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-20-544/ | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: cisco
Published: 2020-04-15T00:00:00
Updated: 2020-04-16T18:06:01
Reserved: 2019-12-12T00:00:00
Link: CVE-2020-3249
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-04-15T21:15:35.717
Modified: 2020-04-23T15:54:04.790
Link: CVE-2020-3249
JSON object: View
Redhat Information
No data.