CISCO has recently issued a security update to fix a high-risk security vulnerability affecting the UCS software. The flaw resides in the Unified Computing System web framework and a remote unauthenticated attacker can trigger it to execute arbitrary commands on the targeted UCS control server by sending a specially crafted request. The vulnerability has been reported by the security researcher Gregory Draperi. The good news is that the Cisco Product Security Incident Response Team (PSIRT) is not aware of any attacks in the wild that exploited the vulnerability.”]
Source: http://securityaffairs.co/wordpress/46322/breaking-news/cisco-ucs-security-flaw.html