Cisco addressed several vulnerabilities in UCS products

Cisco released security patches to address 17 critical and high-severity vulnerabilities affecting some Cisco Unified Computing products (UCS and IMC).

Cisco has released security fixes to address 17 critical and high-severity vulnerabilities affecting some Cisco Unified Computing products.

Most of the flaws affect the Integrated Management Controller (IMC) that is a baseboard management controller that provides embedded server management for Cisco Unified Computing System (UCS) servers.

The critical flaws impacting the CISCO UCS addressed by the tech giant are CVE-2019-1937, CVE-2019-1974, CVE-2019-1935 and CVE-2019-1938. These flaws could be exploited by remote, unauthenticated attackers to gain elevated privileges, including administrator permissions, on the targeted system.

A remote attacker could exploit the vulnerabilities by sending specially crafted requests and abusing default credentials.

“A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to acquire a valid session token with administrator privileges, bypassing user authentication.” reads the advisory for the CVE-2019-1937 flaw.

“The vulnerability is due to insufficient request header validation during the authentication process. An attacker could exploit this vulnerability by sending a series of malicious requests to an affected device. An exploit could allow the attacker to use the acquired session token to gain full administrator access to the affected device.”

Cisco addressed also multiple high-severity vulnerabilities that could be exploited to trigger a denial-of-service (DoS) condition, to execute arbitrary commands with root privileges, obtain sensitive configuration data, elevate privileges, and modify the system configuration,

Some of the flaws addressed by Cisco have been reported by the security researcher Pedro Ribeiro, aka “bashis,” another expert whose identity was not revealed, and some other external researchers.

The good news is that Cisco is not aware of attacks in the wild that have exploited the flaws in UCS and IMC products.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Cisco Unified Computing Products, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]