Cisco UCS Director Default Credentials Vulnerability

Last Revised

Cisco has released a security advisory to address a vulnerability in Cisco Unified Computing System (UCS) Director. This vulnerability could allow an unauthenticated, remote attacker to take complete control of the affected device due to a default root user account created during installation. Successful exploitation of this vulnerability would provide the attacker with full administrative rights to the system.

US-CERT encourages users and administrators to review the Cisco Security Advisory and apply the update provided to address this vulnerability.