Cisco UCS servers can be hijacked with malicious HTTP request

A data center server platform running Cisco's Unified Computing System (UCS) Central Software can be compromised by unauthenticated, remote attackers with a single malicious HTTP request, security researcher Gregory Draperi has discovered.

The Cisco UCS platform was designed to help organizations efficiently manage distributed Cisco UCS servers at scale. Cisco UCS Central Software helps manage multiple Cisco UCS domains.

The vulnerability (CVE-2016-1352) is present in the product's web framework, and it is due to improper input validation of HTTP requests.

It affects Cisco UCS Central Software releases 1.3(1b) and prior, and has been patched in release 1.3(1c) and later. No workarounds are available, so upgrading to a fixed release is the only way for admins to plug that hole.
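Since the only remediation is an upgrade, the practical first step is to find every UCS Central instance still running 1.3(1b) or earlier. The following is an added example for doing that triage over an inventory of release strings; it is not code from the article or from Cisco. It assumes the release strings follow the major.minor(maintenance + patch letter) pattern seen in the versions named above (for example "1.3(1b)"), that a missing patch letter sorts before "a", and that "earlier than 1.3(1c)" is the affected condition; the sample inventory is constructed.

```python
import re
from typing import Dict, Tuple

# Assumed format of a Cisco UCS Central release string: "1.3(1b)" ->
# major 1, minor 3, maintenance 1, patch letter "b". The letter may be absent.
_RELEASE_RE = re.compile(r"^(\d+)\.(\d+)\((\d+)([a-z]?)\)$")

# First fixed release according to the advisory; everything earlier is affected.
FIXED_RELEASE = "1.3(1c)"


def parse_release(release: str) -> Tuple[int, int, int, int]:
    """Turn '1.3(1b)' into a comparable tuple (1, 3, 1, 2).

    The patch letter is mapped to 1..26 and a missing letter to 0 so that
    ordinary tuple comparison gives the expected ordering.
    Raises ValueError for strings that do not match the assumed format,
    so that typos or unexpected formats are never silently judged "fixed".
    """
    m = _RELEASE_RE.match(release.strip())
    if not m:
        raise ValueError(f"unrecognised UCS Central release string: {release!r}")
    major, minor, maint, letter = m.groups()
    letter_rank = (ord(letter) - ord("a") + 1) if letter else 0
    return (int(major), int(minor), int(maint), letter_rank)


def is_vulnerable_to_cve_2016_1352(release: str) -> bool:
    """True if the release is 1.3(1b) or prior, i.e. earlier than the first fixed release."""
    return parse_release(release) < parse_release(FIXED_RELEASE)


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map {hostname: release} to {hostname: verdict}.

    Unparseable release strings are reported as UNKNOWN rather than being
    treated as either affected or fixed; they need a manual look.
    """
    verdicts = {}
    for host, release in inventory.items():
        try:
            affected = is_vulnerable_to_cve_2016_1352(release)
        except ValueError:
            verdicts[host] = "UNKNOWN (unparseable release string)"
            continue
        verdicts[host] = "VULNERABLE - upgrade to 1.3(1c) or later" if affected else "fixed"
    return verdicts


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up for illustration.
    sample_inventory = {
        "ucs-central-01": "1.3(1b)",
        "ucs-central-02": "1.3(1c)",
        "ucs-central-03": "1.2(1a)",
        "ucs-central-04": "1.4(1a)",
        "ucs-central-05": "unknown",
    }
    for host, verdict in triage(sample_inventory).items():
        print(f"{host}: {verdict}")
```

The parser deliberately refuses anything it does not recognise instead of guessing; a version string it cannot read is the kind of thing that hides an unpatched box when a script defaults to "fixed". For a definitive answer, cross-check the result against Cisco's own advisory for the release you are running.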

Cisco rates the flaw as high severity, as a successful exploit could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system.

The good news is that there is no evidence that the flaw is being exploited in the wild.

This is the third vulnerability in Cisco UCS Central Software reported by Draperi (and patched by Cisco) since July 2015.
