Cisco UCS Central Software Arbitrary Command Execution Vulnerability CVE-2016-1352
- CVSSv3 Score
- Vulnerability description
A vulnerability in the web framework of Cisco Unified Computing System (UCS) Central Software could allow an unauthenticated, remote attacker to execute arbitrary commands on a targeted system.
- Risk description
The vulnerability is due to improper input validation by the affected software.< An attacker could exploit this vulnerability by sending a malicious HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system.
Update to 1.3(1c)/1.4(1a) or newer
- Not available