CVE-2012-4092 Information

Description

The management interface in the Central Software component in Cisco Unified Computing System (UCS) does not properly validate the identity of vCenter consoles which allows man-in-the-middle attackers to read or modify an inter-device data stream by spoofing an identity aka Bug ID CSCtk00683.

Reference

http://secunia.com/advisories/55034 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4092