Posted by tom () fadedcode net on Mar 22

Subject: Cisco UCSM username and password hashes sent via SYSLOG

Impact: Information Disclosure / Privilege Elevation

Vendor: Cisco
Product: Cisco Unified Computing System Manager (UCSM)
Notified: 2014.10.31
Fixed: 2015.03.06 ( 2.2(3e) )

Author: Tom Sellers ( tom at fadedcode.net )
Date: 2015.03.21

Description:
============

Cisco Unified Computing System Manager (UCSM) versions 1.3 through 2.2 sends local (UCSM) username and…