Cisco Unified Computing System Manager Information Disclosure Vulnerability

A vulnerability in the system logs of the Cisco Unified Computing System Manager could allow an unauthenticated, remote attacker to view sensitive system information.

The vulnerability is due to the inclusion of sensitive information in certain log files. An attacker could exploit this vulnerability by viewing the sensitive information stored in the logs.

Cisco has confirmed the vulnerability and released software updates.

To exploit the vulnerability, the attacker may need access to trusted or internal networks to access system log files. This access requirement could limit the likelihood of a successful exploit.