Cisco UCS Manager Software SSH Sessions Denial of Service Vulnerability

A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

This vulnerability is due to improper resource management for established SSH sessions. An attacker could exploit this vulnerability by opening a significant number of SSH sessions on an affected device. A successful exploit could allow the attacker to cause a crash and restart of internal Cisco UCS Manager software processes and a temporary loss of access to the Cisco UCS Manager CLI and web UI.

Note: The attacker must have valid user credentials to authenticate to the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-ssh-dos-MgvmyrQy

This advisory is part of the August 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.

Security Impact Rating: Medium

CVE: CVE-2021-1592


Cisco Unified Computing System Central Software Improper Certificate Validation Vulnerability

A vulnerability in the certificate registration process of Cisco Unified Computing System (UCS) Central Software could allow an authenticated, adjacent attacker to register a rogue Cisco Unified Computing System Manager (UCSM).

This vulnerability is due to improper certificate validation. An attacker could exploit this vulnerability by sending a crafted HTTP request to the registration API. A successful exploit could allow the attacker to register a rogue Cisco UCSM and gain access to Cisco UCS Central Software data and Cisco UCSM inventory data.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-invcert-eOpRvCKH

Security Impact Rating: Medium

CVE: CVE-2021-1354


Cisco UCS Manager Software Local Management CLI Command Injection Vulnerability

A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) on an affected device.

The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by including crafted arguments to specific commands on the local management CLI. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-ucs-cli-cmdinj

This advisory is part of the February 2020 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication, which includes six Cisco Security Advisories that describe six vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: February 2020 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.

Security Impact Rating: High

CVE: CVE-2020-3173


Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS).

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj

This advisory is part of the February 2020 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication, which includes six Cisco Security Advisories that describe six vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: February 2020 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.

Security Impact Rating: High

CVE: CVE-2020-3167


Cisco FXOS and UCS Manager Software Local Management CLI Command Injection Vulnerability

A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cli-cmdinj

This advisory is part of the February 2020 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication, which includes six Cisco Security Advisories that describe six vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: February 2020 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.

Security Impact Rating: High

CVE: CVE-2020-3171


Where to install the Cisco UCS agent?

We are planning to install IBM Tivoli Monitoring for Virtual Environments Agent for Cisco UCS version 7.2.
Please clarify whether the agent needs to be installed on Cisco UCS Manager or can be installed on a remote server.


Simplify Operations on a Large Scale

Features and Capabilities

Cisco UCS Central Software extends the capabilities and concepts of Cisco UCS Manager across multiple Cisco Unified Computing System (Cisco UCS) domains in one or more physical locations.

With an enhanced HTML 5 user interface available in seven languages, you can work easily on a global scale to provide configuration capabilities for pools, policies, and firmware. Administrators can follow a define-once-deploy-many-times workflow for their infrastructure to increase operational efficiency.

Subject matter experts can promote global policy compliance by choosing which resource pools and policies are enforced globally and which are managed locally. Cisco UCS Central supports the entire Cisco UCS and Cisco HyperFlex portfolio, as well as the full family of current Cisco UCS Fabric Interconnects.

Key Benefits

  • Global administrative policies can enable global and local management of Cisco UCS domains to promote consistency and standardization across domains.
  • Centralized inventory and health status with dashboard and reports help you more easily monitor distributed environments and provide a consistent view of the entire Cisco UCS infrastructure.
  • Policy-based server definitions can be standardized and deployed across domains and physical locations.
  • Policy-based firmware upgrades can be applied globally or selectively through automated schedules or as business workloads demand.

Key Features

  • Globalization allows you to migrate existing policies and profiles from Cisco UCS Manager to globalized configuration and take full advantage of all the capabilities of Cisco UCS Central.
  • Global search lets you easily search through thousands of servers, policies, and other elements of configuration.
  • Cisco UCS global service profiles and templates enable fast and simplified infrastructure deployment and help ensure consistency.
  • Health status, logs, and inventory of all Cisco UCS components facilitate rapid problem resolution.
  • Hardware compatibility reports allow you to quickly understand whether your current or desired firmware versions are validated with specific OS and driver versions.
  • Keyboard, video, and mouse (KVM) manager allows admins to launch KVM sessions anywhere in the Cisco UCS environment.
  • Global ID pooling and multidomain ID visibility eliminate identifier conflicts.

Open and Extensible

Easily extend the functionality of your management tools through a broad partner ecosystem. An open API builds on the Cisco UCS Manager API for easy integration into higher-level data center management frameworks. You can use Cisco UCS Central with the Cisco UCS Platform Emulator to model policies and test changes for large-scale environments without the need for physical hardware.
