{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-10T19:28:57.836","vulnerabilities":[{"cve":{"id":"CVE-2019-12634","sourceIdentifier":"psirt@cisco.com","published":"2019-08-21T19:15:13.387","lastModified":"2024-11-21T04:23:13.987","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a missing authentication check in an API call. An attacker who can send a request to an affected system could cause all currently authenticated users to be logged off. Repeated exploitation could cause the inability to maintain a session in the web-based management portal."},{"lang":"es","value":"Una vulnerabilidad en la interfaz de administración basada en la web del Supervisor del Controlador Integrado de Administración de Cisco (IMC), el Director de Cisco UCS y el Director de Cisco UCS Express para Big Data podría permitir que un atacante remoto no autenticado cause una condición de denegación de servicio (DoS). La vulnerabilidad se debe a una falta de verificación de autenticación en una llamada a la API. Un atacante que puede enviar una solicitud a un sistema afectado podría hacer que todos los usuarios autenticados actualmente cierren sesión. La explotación repetida podría causar la incapacidad de mantener una sesión en el portal de administración basado en la web."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-264"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*","versionStartIncluding":"2.2.0.3","versionEndIncluding":"2.2.0.6","matchCriteriaId":"4352B424-3852-466D-97BD-D7D678F4BAC9"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7.0.0","versionEndIncluding":"6.7.2.0","matchCriteriaId":"4E66FC72-9589-46A8-AC73-6A4A9BFE9FC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director:6.6.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F95E9D60-7976-4CFB-B36B-0BC6675FA383"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director:6.6.1.0:*:*:*:*:*:*:*","matchCriteriaId":"4E99B2DD-0E27-42FE-AE41-BE9FE8E78D4F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director_express_for_big_data:*:*:*:*:*:*:*:*","versionStartIncluding":"3.7.0.0","versionEndIncluding":"3.7.2.0","matchCriteriaId":"7317CA7D-B1A0-4F83-BA5F-6155459C8583"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director_express_for_big_data:3.6.0.0:*:*:*:*:*:*:*","matchCriteriaId":"451ABC79-936F-469E-B1D8-ADB3EDCA52F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ucs_director_express_for_big_data:3.6.1.0:*:*:*:*:*:*:*","matchCriteriaId":"6C918805-0026-4780-A8E2-8BC85A8F7282"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-ucs-imc-dos","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-ucs-imc-dos","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}