Cisco has released security updates to address vulnerabilities in Cisco Integrated Management Controller (IMC) Supervisor, Unified Computing System (UCS) Director, and UCS Director Express for Big Data. A remote attacker could exploit these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:
- Authentication Bypass Vulnerability in IMC Supervisor, UCS Director, and UCS Director Express for Big Data releases cisco-sa-20190821-imcs-ucs-authby
- Authentication Bypass Vulnerability in IMC Supervisor, UCS Director, and UCS Director Express for Big Data releases cisco-sa-20190821-imcs-ucs-authbypass
- Secure Copy (SCP) User Default Credentials Vulnerability in IMC Supervisor, UCS Director, and UCS Director Express for Big Data releases cisco-sa-20190821-imcs-usercred
- Application Programming Interface (API) Authentication Bypass Vulnerability in UCS Director and UCS Director Express for Big Data releases cisco-sa-20190821-ucsd-authbypass
This product is provided subject to this Notification and this Privacy & Use policy.