Cisco has patched a serious remote code execution vulnerability in its Unified Computing System (UCS) Central software. The UCS Central software fails to properly validate user input via its web framework, exposing the platform to remote attack; versions 1.2 and earlier are affected. The company added that it has no other workarounds available, and that it is not aware of public exploits. The vulnerability has been assigned the vulnerability its highest severity score of 10; users urged to update to version 1.3.
Source: https://threatpost.com/cisco-patches-remote-code-execution-bugs-in-ucs-central/112688/