Thursday, May 7, 2015

Serious vulnerability in Cisco’s UCS Central Software – Heise Newsticker




Via the data center front end, an attacker can remotely execute malicious code without having to log on, and can take over control of the server's underlying operating system.

Cisco has closed a serious vulnerability in the web front end of its server management solution UCS Central Software (CVE-2015-0701). Through the input validation bug, an attacker can take control of the software remotely, without having to log in, and then run malicious code.

The Unified Computing System (UCS) is Cisco’s data center platform and includes not only the actual servers but also the network components and the virtualization stack. The gap allows attackers to execute malicious code on the underlying operating system of the server with system privileges.

Affected is the UCS Central software up to version 1.2. An update from Cisco, which is to close the gap, is ready and can be purchased from the manufacturer. With the highest CVSS score of 10, the vulnerability must be regarded as highly critical. Cisco, however, says it is not aware that the vulnerability is currently being actively exploited. (fab)
