Arbitrary Command Execution Vulnerability in Cisco UCS Performance Manager 2.0.0 and Earlier (CSCuy07827)

Arbitrary Command Execution Vulnerability in Cisco UCS Performance Manager 2.0.0 and Earlier (CSCuy07827)

CVE-2016-1374 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

The web framework in Cisco Unified Computing System (UCS) Performance Manager 2.0.0 and earlier allows remote authenticated users to execute arbitrary commands via crafted parameters in a GET request, aka Bug ID CSCuy07827.

Learn more about our Cis Benchmark Audit For Cisco.