CVE-2013-1186
UnknownEPSS 2.11%
Last modified
CVE-2013-1186 is a vulnerability of currently unknown severity. Cisco Unified Computing System (UCS) 1.x before 1.4(4) and 2.x before 2.0(2m) allows remote attackers to bypass KVM authentication via a crafted authentication request to a Cisco Integrated Management Controller (IMC), aka Bug ID CSCts53746.. EPSS estimates a 2.11% chance of exploitation in the next 30 days.
Description
Cisco Unified Computing System (UCS) 1.x before 1.4(4) and 2.x before 2.0(2m) allows remote attackers to bypass KVM authentication via a crafted authentication request to a Cisco Integrated Management Controller (IMC), aka Bug ID CSCts53746.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.0 |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.0\(2k\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.1 |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.1\(1m\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.2 |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.2\(1\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.2\(1a\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.2\(1d\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.3\(1c\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.3\(1m\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.3\(1n\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.3\(1o\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.3\(1p\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.3\(1q\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.3\(1t\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.3\(1w\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.3\(1y\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.4\(1j\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.4\(1m\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.4\(3i\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.4\(3l\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.4\(3m\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.4\(3q\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.4\(3s\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.4\(3u\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 1.4\(3y\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 2.0\(1q\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 2.0\(1s\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 2.0\(1t\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 2.0\(1w\) |
| Cisco | Unified Computing System Infrastructure And Unified Computing System Software | 2.0\(1x\) |
| Cisco | Unified Computing System 6120xp Fabric Interconnect | All versions |
| Cisco | Unified Computing System 6140xp Fabric Interconnect | All versions |
| Cisco | Unified Computing System 6248up Fabric Interconnect | All versions |
| Cisco | Unified Computing System 6296up Fabric Interconnect | All versions |
| Cisco | Unified Computing System Integrated Management Controller | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-1186?
Cisco Unified Computing System (UCS) 1.x before 1.4(4) and 2.x before 2.0(2m) allows remote attackers to bypass KVM authentication via a crafted authentication request to a Cisco Integrated Management Controller (IMC), aka Bug ID CSCts53746.
How severe is CVE-2013-1186?
Severity scoring for CVE-2013-1186 is pending analysis. The EPSS model estimates a 2.11% probability of exploitation in the next 30 days.
How do I fix CVE-2013-1186?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2013-1186?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST