Vulnerability Description
MCTOOLS in the fabric interconnect in Cisco Unified Computing System (UCS) allows local users to execute arbitrary Baseboard Management Controller (BMC) commands by leveraging (1) local, (2) shell-level, or (3) debug-level privileges at the operating-system layer, aka Bug ID CSCtg76239.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Computing System | - |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4089Vendor Advisory
- http://www.securitytracker.com/id/1029082Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87369
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4089Vendor Advisory
- http://www.securitytracker.com/id/1029082Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87369
FAQ
What is CVE-2012-4089?
CVE-2012-4089 is a vulnerability with a CVSS score of 6.6 (MEDIUM). MCTOOLS in the fabric interconnect in Cisco Unified Computing System (UCS) allows local users to execute arbitrary Baseboard Management Controller (BMC) commands by leveraging (1) local, (2) shell-lev...
How severe is CVE-2012-4089?
CVE-2012-4089 has been rated MEDIUM with a CVSS base score of 6.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-4089?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Computing System.