Arbitrary BMC Command Execution Vulnerability in Cisco UCS Fabric Interconnect (Bug ID CSCtg76239)

Arbitrary BMC Command Execution Vulnerability in Cisco UCS Fabric Interconnect (Bug ID CSCtg76239)

CVE-2012-4089 · MEDIUM Severity

AV:L/AC:M/AU:S/C:C/I:C/A:C

MCTOOLS in the fabric interconnect in Cisco Unified Computing System (UCS) allows local users to execute arbitrary Baseboard Management Controller (BMC) commands by leveraging (1) local, (2) shell-level, or (3) debug-level privileges at the operating-system layer, aka Bug ID CSCtg76239.

Learn more about our Cis Benchmark Audit For Cisco.