2013-09-20 16:00:00
cisco
PUBLISHED
The KVM subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers, and read keyboard and mouse events, by leveraging knowledge of this certificates private key, aka Bug ID CSCte90327.