CVE-2012-4136

Description

The high-availability service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) does not properly bind the cluster service to the management interface, which allows remote attackers to obtain sensitive information or cause a denial of service (peer-syncing outage) via a TELNET connection, aka Bug ID CSCtz72910.

Risk Information

Base Score

7.5

MODERATE

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score

Exploitation Probability

0.43

Associated Vulnerability

Vulnerability	OS Platform
Cisco Unified Computing System Fabric Interconnect Remote Access Vulnerability For Cisco Unified Computing System	NCM
CVE-2012-4136	NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-1706036	Security Update for Cisco Unified Computing System 3.2(1d)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234