CVE-2013-1182
First published: Thu Apr 25 2013(Updated: )
The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unified Computing System | <=1.0 | |
| Cisco Unified Computing System | =1.1 | |
| Cisco Unified Computing System | =1.3\(1c\) | |
| Cisco Unified Computing System | =1.3\(1m\) | |
| Cisco Unified Computing System | =1.3\(1n\) | |
| Cisco Unified Computing System | =1.3\(1o\) | |
| Cisco Unified Computing System | =1.3\(1p\) | |
| Cisco Unified Computing System | =1.3\(1q\) | |
| Cisco Unified Computing System | =1.3\(1t\) | |
| Cisco Unified Computing System | =1.3\(1w\) | |
| Cisco Unified Computing System | =1.3\(1y\) | |
| Cisco Unified Computing System 6120xp Fabric Interconnect | ||
| Cisco Unified Computing System 6140xp Fabric Interconnect | ||
| Cisco UCS 6248UP Fabric Interconnect | ||
| Cisco UCS 6296UP Fabric Interconnect | ||
| Cisco Unified Computing System Integrated Management Controller |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-1182?
CVE-2013-1182 has a severity rating categorized as high due to its potential to allow remote attackers to bypass LDAP authentication.
How do I fix CVE-2013-1182?
To fix CVE-2013-1182, upgrade to Cisco Unified Computing System versions that are 1.0(2h) or later, or 1.1(1j) and above.
What types of systems are affected by CVE-2013-1182?
CVE-2013-1182 affects various versions of Cisco Unified Computing System infrastructure and software, including specific versions of fabric interconnects.
What is the impact of CVE-2013-1182?
The impact of CVE-2013-1182 allows attackers to bypass authentication, potentially gaining unauthorized access to the system.
When was CVE-2013-1182 first disclosed?
CVE-2013-1182 was publicly disclosed in April 2013.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/references
- agent/last-modified-date
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco unified computing system
- version/cisco unified computing system/1.0
- version/cisco unified computing system/1.1
- version/cisco unified computing system/1.3\(1c\)
- version/cisco unified computing system/1.3\(1m\)
- version/cisco unified computing system/1.3\(1n\)
- version/cisco unified computing system/1.3\(1o\)
- version/cisco unified computing system/1.3\(1p\)
- version/cisco unified computing system/1.3\(1q\)
- version/cisco unified computing system/1.3\(1t\)
- version/cisco unified computing system/1.3\(1w\)
- version/cisco unified computing system/1.3\(1y\)
- canonical/cisco unified computing system 6120xp fabric interconnect
- canonical/cisco unified computing system 6140xp fabric interconnect
- canonical/cisco ucs 6248up fabric interconnect
- canonical/cisco ucs 6296up fabric interconnect
- canonical/cisco unified computing system integrated management controller