Severity

Medium

Analysis Summary

The vulnerability is due to a lack of proper data protection mechanisms. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow an attacker to view sensitive system data.

Impact

Exposure of system information

Affected Vendors

Cisco

Affected Products

• Cisco UCS C-Series Rack Servers
• Cisco Unified Computing System (UCS) 4.x

Remediation

Update to version 4.0(4b).