Cisco UCS Director and Cisco UCS Director Express for Big Data API Authentication Bypass Vulnerability

A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. The vulnerability is due to improper authentication request handling. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow an unprivileged attacker to access and execute arbitrary actions through certain APIs.

N/A

认证机制不恰当

Cisco UCS Director和Cisco UCS Director Express for Big Data 授权问题漏洞

Cisco UCS Director和Cisco UCS Director Express for Big Data都是美国思科（Cisco）公司的产品。Cisco UCS Director是一套私有云基础架构即服务（IaaS）的异构平台。Cisco UCS Director Express for Big Data是一套针对大数据集群的基础架构统一管理平台。 Cisco UCS Director和Cisco UCS Director Express for Big Data中的Web管理界面存在授权问题

N/A

N/A