CVE-2013-1182

Name of the Vulnerable Software and Affected Versions Cisco Unified Computing System (UCS) versions prior to 1.0(2h) Cisco Unified Computing System (UCS) versions 1.1 prior to 1.1(1j) Cisco Unified Computing System (UCS) version 1.3(x)

Description The issue allows remote attackers to bypass LDAP authentication via a malformed request on the login page in the Web Console in the Manager component.

Recommendations For versions prior to 1.0(2h), update to version 1.0(2h) or later. For versions 1.1 prior to 1.1(1j), update to version 1.1(1j) or later. For version 1.3(x), consider disabling the LDAP authentication feature until a patch is available.