A vulnerability in Cisco Unified Computing System (UCS) B-Series blade servers could allow an unauthenticated, local attacker to cause the host operating system or Baseboard Management Controller (BMC) to hang.

The vulnerability is due to how the various components communicate across the Inter-IC (I2C) bus. An attacker could exploit this vulnerability by sending specific I2C packets. An exploit could allow the attacker to cause disruption to the host, resulting in a denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151006-ucs

Leave a Reply