CVE-2015-0701

Name of the Vulnerable Software and Affected Versions Cisco UCS Central Software versions prior to 1.3(1a)

Description The issue is due to insufficient input validation in the web component of Cisco UCS Central, allowing remote attackers to execute arbitrary commands via a crafted HTTP request.

Recommendations For versions prior to 1.3(1a), update to version 1.3(1a) or later to resolve the issue. As a temporary workaround, consider restricting access to the web component to minimize the risk of exploitation.