CVE-2016-1352
Published 2016-04-14
Priority P262 · critical · 9.8 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.24% (80.6th percentile)
Cisco Unified Computing System (UCS) Central Software 1.3(1b) and earlier allows remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuv33856.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | unified_computing_system_central | — | — |
| cisco | unified_computing_system_central_software | — | — |
Detection & IOCs (extracted from sources)
- Detect exploitation attempts by monitoring for crafted/malicious HTTP requests targeting Cisco UCS Central Software web framework endpoints, which may contain OS command injection payloads in request parameters
- Flag unauthenticated remote HTTP requests that result in OS command execution on Cisco UCS Central Software versions 1.3(1b) and earlier; the vulnerability is in the web framework and stems from improper input validation (CWE-78 OS Command Injection)
- Affected versions are Cisco UCS Central Software 1.3(1b) and earlier; upgrade to a patched release as there are no workarounds available
- No workarounds exist for this vulnerability; only the vendor-released software update addresses it
CVSS provenance
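| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| vendor_cisco | — | 7.5 | HIGH | — |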
Cisco
Cisco Unified Computing System Central Software Arbitrary Command Execution Vulnerability
vendor_cisco · 2016-04-13 · CVSS 7.5
CVE-2016-1352 [HIGH] CWE-78 Cisco Unified Computing System Central Software Arbitrary Command Execution Vulnerability
A vulnerability in the web framework of Cisco Unified Computing System (UCS) Central Software could allow an unauthenticated, remote attacker to execute arbitrary commands on a targeted system.
The vulnerability is due to improper input validation by the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/securit
CWE: CWE-78
Bug IDs: CSCuv33856
GHSA
GHSA-r6vc-5wc9-vgfw: Cisco Unified Computing System (UCS) Central Software 1
ghsa_unreviewed · 2022-05-17
CVE-2016-1352 [CRITICAL] CWE-78 GHSA-r6vc-5wc9-vgfw: Cisco Unified Computing System (UCS) Central Software 1
Cisco Unified Computing System (UCS) Central Software 1.3(1b) and earlier allows remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuv33856.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2016-04-14