Vulnerability Description
The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) does not properly handle SSH escape sequences, which allows remote authenticated users to bypass an unspecified authentication step via SSH port forwarding, aka Bug ID CSCtg17656.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Computing System | 1.0\(2k\) |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4078Vendor Advisory
- http://www.securitytracker.com/id/1029084Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87367
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4078Vendor Advisory
- http://www.securitytracker.com/id/1029084Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87367
FAQ
What is CVE-2012-4078?
CVE-2012-4078 is a vulnerability with a CVSS score of 8.5 (HIGH). The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) does not properly handle SSH escape sequences, which allows remote authenticated users to bypass an unspecified authen...
How severe is CVE-2012-4078?
CVE-2012-4078 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-4078?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Computing System.