Cisco plugs remote code execution flaw in UCS Central control freak
Cisco has patched a remote code execution bug that could give attackers root privileges on its Unified Computing System (UCS) Central software used by more than 30,00 organisations.
The UCS data centre server platform joins hardware, virtualisation, networking and software into one system. Versions 1.2 and below are affected.
The Borg says the vulnerability (CVE-2015-0701) rates the maximum 10 severity rating due to its low exploitation requirements and “complete” impact to confidentiality, integrity and availability.