CVE-2017-6604

Name of the Vulnerable Software and Affected Versions Cisco Unified Computing System Central versions 3.1(2c)B Cisco Integrated Management Controller (IMC) Software versions 3.1(2c)B

Description The issue is related to an open redirect vulnerability in the web interface of the affected systems. This could allow a remote attacker to redirect users to a malicious web page. The vulnerability affects various Cisco products, including Unified Computing System (UCS) B-Series M3 and M4 Blade Servers and Unified Computing System (UCS) C-Series M3 and M4 Rack Servers.

Recommendations For versions 3.1(2c)B, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the web interface to minimize the risk of exploitation.