The KVM subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers, and read keyboard and mouse events, by leveraging knowledge of this certificate's private key, aka Bug ID CSCte90327.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco unified computing system - |