Pierluigi Paganini April 14, 2016

CISCO has recently issued a security update to fix a high-risk security vulnerability affecting the UCS software and exploitable with a simple HTTP poke.

Cisco has recently patched a “high” risk security vulnerability (CVE-2016-1352) affecting its Unified Computing System (UCS) Central Software that could allow a remote attacker to gain remote control of the machines.

According to the CISCO advisory the flaw resides in the Unified Computing System web framework and a remote unauthenticated attacker can trigger it to execute arbitrary commands on the targeted UCS control server by sending it a specially crafted HTTP request.

“A vulnerability in the web framework of Cisco Unified Computing System (UCS) Central Software could allow an unauthenticated, remote attacker to execute arbitrary commands on a targeted system.” states the CISCO advisory

“The vulnerability is due to improper input validation by the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system.”

The vulnerability has been reported by the security researcher Gregory Draperi.

The Unified Computing System software is designed to manage a large number of Cisco UCS servers at a time in data centers, this means that if the remote attacker is able to compromise it can theoretically open a door within the targeted network and easily move laterally.

Organizations running UCS Central Software versions 1.3(1b) and earlier need to update them to solve the problem.

The good news is that the Cisco Product Security Incident Response Team (PSIRT) is not aware of any attacks in the wild that exploited the vulnerability in the Unified Computing System.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – CVE-2016-1352, UCS)