CVE-2015-0599

Name of the Vulnerable Software and Affected Versions Cisco Integrated Management Controller in Cisco Unified Computing System (UCS) on C-Series Rack Servers (affected versions not specified)

Description The issue is related to the web interface in Cisco Integrated Management Controller, which does not properly restrict the use of IFRAME elements. This makes it easier for remote attackers to conduct clickjacking attacks and other unspecified attacks via a crafted web site. The problem is related to a "cross-frame scripting (XFS)" issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.