Lucene search
CiscoCVELIST:CVE-2017-6616HistoryApr 20, 2017 - 10:00 p.m.
CVE-2017-6616
2017-04-2022:00:00
CWE-20
cisco
www.cve.org
0.003 Low
EPSS
Percentile
70.9%
A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software does not sufficiently sanitize specific values that are received as part of a user-supplied HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user on the affected system. Cisco Bug IDs: CSCvd14578.
CNA Affected
[
{
"product": "Cisco Integrated Management Controller",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Integrated Management Controller"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2017-04-20 22:59:00
openvas
openvas
cve
cve
CVE-2017-6616
2017-04-20 22:59:00
cisco
cisco
Cisco Integrated Management Controller Remote Code Execution Vulnerability
2017-04-19 16:00:00
nvd
nvd
CVE-2017-6616
2017-04-20 22:59:00
nessus
nessus
Cisco Integrated Management Controller Remote Code Execution Vulnerability
2017-08-10 00:00:00