CVE-2016-1374
The web framework in Cisco Unified Computing System (UCS) Performance Manager 2.0.0 and earlier allows remote authenticated users to execute arbitrary commands via crafted parameters in a GET request, aka Bug ID CSCuy07827.
Date published : 2016-07-27
http://www.securityfocus.com/bid/92044
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160720-ucsperf