Cisco UCS Manager Software Command Injection Vulnerability Allowing Arbitrary Command Execution

Vulnerability

A command injection vulnerability has been identified in Cisco UCS Manager Software, affecting the CLI and web-based management interface. This vulnerability allows an authenticated, remote attacker with administrative privileges to execute arbitrary commands on the underlying operating system of the affected device. The issue arises from inadequate input validation of command arguments provided by users. Exploitation of this vulnerability could enable an attacker to execute commands with root-level privileges.

Impact

Successful exploitation allows for arbitrary command execution on the affected device's operating system with root-level privileges.

Remediation

Cisco has released software updates to address this vulnerability. Users are advised to upgrade to the fixed releases mentioned in the advisory. For guidance on obtaining the updated software, refer to the Cisco Support and Downloads page or contact the Cisco Technical Assistance Center (TAC).

Added: Feb 25, 2026, 11:21 PM
Updated: Feb 25, 2026, 11:21 PM

Vulnerability Rating

Custom Algorithm
spread: 4.5
impact: 10.0
exploitability: 4.4
remediation: 7.7
relevance: 3.2
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.