Arbitrary Command Execution Vulnerability in Cisco FX-OS and UCS Manager (CSCur90888)

Arbitrary Command Execution Vulnerability in Cisco FX-OS and UCS Manager (CSCur90888)

CVE-2015-6435 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System (UCS) Manager before 2.2(4b), 2.2(5) before 2.2(5a), and 3.0 before 3.0(2e) allows remote attackers to execute arbitrary shell commands via a crafted HTTP request, aka Bug ID CSCur90888.

Learn more about our Cis Benchmark Audit For Cisco.