Several products int he Cisco Unified Communications family of products contain a command execution vulnerability in the Disaster Recovery Framework (DRF) feature. The risk is HIGH. A remote, unauthenticated user could exploit this vulnerability to execute arbitrary commands that may allow full administration access to affected systems.
More...