CVE-2013-1183: Buffer Overflow
First published: Thu Apr 25 2013(Updated: )
Buffer overflow in the Intelligent Platform Management Interface (IPMI) functionality in the Manager component in Cisco Unified Computing System (UCS) 1.0 and 1.1 before 1.1(1j) and 1.2 before 1.2(1b) allows remote attackers to execute arbitrary code via malformed data in a UDP packet, aka Bug ID CSCtd32371.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unified Computing System | =1.0 | |
| Cisco Unified Computing System | =1.0\(2k\) | |
| Cisco Unified Computing System | =1.1 | |
| Cisco Unified Computing System | =1.1\(1m\) | |
| Cisco Unified Computing System | =1.2 | |
| Cisco Unified Computing System | =1.2\(1\) | |
| Cisco Unified Computing System | =1.2\(1a\) | |
| Cisco Unified Computing System 6120xp Fabric Interconnect | ||
| Cisco Unified Computing System 6140xp Fabric Interconnect | ||
| Cisco UCS 6248UP Fabric Interconnect | ||
| Cisco UCS 6296UP Fabric Interconnect |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-1183?
CVE-2013-1183 has a severity rating of high due to its potential for remote code execution.
How do I fix CVE-2013-1183?
To fix CVE-2013-1183, you should upgrade your Cisco Unified Computing System software to a patched version as specified in the Cisco advisory.
What are the affected versions for CVE-2013-1183?
The affected versions for CVE-2013-1183 include Cisco Unified Computing System versions 1.0, 1.0(2k), 1.1, and 1.2 prior to their respective patched releases.
What impact does CVE-2013-1183 have on Cisco UCS?
CVE-2013-1183 can allow remote attackers to execute arbitrary code, which may compromise the integrity and availability of the Cisco UCS.
Can CVE-2013-1183 be exploited remotely?
Yes, CVE-2013-1183 can be exploited remotely through malformed data in a UDP packet.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/references
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/weakness
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco unified computing system
- version/cisco unified computing system/1.0
- version/cisco unified computing system/1.0\(2k\)
- version/cisco unified computing system/1.1
- version/cisco unified computing system/1.1\(1m\)
- version/cisco unified computing system/1.2
- version/cisco unified computing system/1.2\(1\)
- version/cisco unified computing system/1.2\(1a\)
- canonical/cisco unified computing system 6120xp fabric interconnect
- canonical/cisco unified computing system 6140xp fabric interconnect
- canonical/cisco ucs 6248up fabric interconnect
- canonical/cisco ucs 6296up fabric interconnect