Cisco UCS Central Software - Critical Vulnerability Advisory

Affected ProductCisco UCS Central Software versions 1.2 and earlier

If you are currently running Cisco UCS Central Software you should update the software immediately.

Cisco has announced a critical vulnerability in its UCS Central Software product. The UCS Central Software is a web application framework that can be used to manage a Cisco UCS domain. If successfully exploited, an unauthenticated remote user could execute arbitrary commands with the privileges of the root user on the vulnerable system.

This vulnerability has been given an initial CVSS score of 10, which represents the highest severity ranking. CVSS, the Common Vulnerability Scoring System, is an industry standard mechanism used to assess the severity of computer security vulnerabilities. More information about the CVSS system can be found at https://www.first.org/cvss/faq.

At the time of this writing, there is no known publicly available exploit code.

Next Steps

Links

If you have questions regarding this notice please call us at 734-827-1400, option 3 or email support@networksgroup.com.

Topics: Device Management, Information Security, Threat Advisory

Subscribe to get new content! Never miss a security update from the team.

Security news, tips, webinars, and more straight to your inbox.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.