Cisco UCS Central Software < 1.3(1c) HTTP Request Handling RCE

The version of Cisco Unified Computing System UCS Central Software running on the remote host is prior to 1.31c. It is, therefore, affected by a flaw in its web framework due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially craft...

CVE-2016-1352

Cisco Unified Computing System UCS Central Software 1.31b and earlier allows remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuv33856...