CNNVD-202508-3213 Information

CNNVD ID

CNNVD-202508-3213

Related CVE

CVE-2025-20295

• CNNVD Published: 2025-08-27

Description (Chinese)

Cisco UCS Manager Software是美国思科（Cisco）公司的一款设备管理软件。 Cisco UCS Manager Software存在操作系统命令注入漏洞，该漏洞源于命令参数输入验证不足，可能导致文件系统操作。

Description (English)

Cisco UCS Manager Software is an equipment management software for Cisco. Cisco UCS Manager Software has a bug in the operating system command, which arises from inadequate proofing of command parameters, which may lead to file system operations.

Hazard Level

High

Vulnerability Type

操作系统命令注入

Affected Vendor

Citadel

Published

2025-08-27

Last Modified

2026-02-24

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-multi-cmdinj-E4Ukjyrz https://vigilance.fr/vulnerability/Cisco-UCS-Manager-Software-code-execution-via-Command-Injection-48069 https://nvd.nist.gov/vuln/detail/CVE-2025-20295

Patch

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-multi-cmdinj-E4Ukjyrz