SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Embedded Server/Appliance)  >   Cisco Unified Computing System Vendors:   Cisco
Cisco Unified Computing System B-Series Blade Server I2C Packet Processing Flaw Lets Local Users Cause Denial of Service Conditions on the Target System
SecurityTracker Alert ID:  1033752
SecurityTracker URL:  http://securitytracker.com/id/1033752
CVE Reference:   CVE-2015-4265   (Links to External Site)
Date:  Oct 7 2015
Impact:   Denial of service via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 2.2.6
Description:   A vulnerability was reported in Cisco Unified Computing System B-Series Blade Servers. A local user can cause denial of service conditions on the target system.

A local user can send specially crafted Inter-IC (I2C) packets to cause the target host operating system or Baseboard Management Controller (BMC) to hang.

The following models are affected:

Cisco UCS B200 M3 Blade Server
Cisco UCS B420 M3 Blade Server
Cisco UCS B22 M3 Blade Server
Cisco UCS B260 M4 Blade Server
Cisco UCS B460 M4 Blade Server

The vendor has assigned bug ID CSCuq77241 to this vulnerability.

Impact:   A local user can cause the target system to hang.
Solution:   The vendor has issued a fix (2.2.6).

The vendor's advisory is available at:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151006-ucs

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151006-ucs (Links to External Site)
Cause:   State error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC