2 matches found
Cisco UCS Central Software < 2.0(1c) HTTP Request Handling RCE
The version of Cisco Unified Computing System UCS Central Software running on the remote host is prior to 1.31c. It is, therefore, affected by a flaw in its web framework due to improper validation of user-supplied input. An authenticated, remote attacker can exploit this, via a specially crafted...
CVE-2018-0113
Cisco UCS Central Software prior to Release 2.0(1c) is affected by an HTTP request handling vulnerability that allows an authenticated, remote attacker to execute arbitrary shell commands with the daemon user’s privileges due to insufficient input validation. The issue is triggered by crafting a ...