CISCO-SA-20180905-CIMC

creationtimestamp| type| source ---|---|--- 2024-12-17 06:41:28+00:00| seen| https://social.circl.lu/users/vulnerabilitylookup/statuses/113666793121058834...

Cisco Integrated Management Controller Web-Based Management Interface Command Injection (cisco-sa-cimc-cmd-inj-bLuPcb)

According to its self-reported version, the Cisco Integrated Management Controller Web-Based Management Interface is affected by a command injection vulnerability. Due to insufficient user input validation, an authenticated, remote attacker with Administrator-level privileges could perform comman...

Cisco Integrated Management Controller CLI Command Injection (cisco-sa-cimc-cmd-inj-mUx4c5AJ)

According to its self-reported version, Cisco Integrated Management Controller CLI is affected by a command injection vulnerability. Due to insufficient validation of user-supplied input, the vulnerability could allow an authenticated, local attacker to perform command injection attacks on the...

Exploit for CVE-2024-20356

CVE-2024-20356 This is a proof of concept for CVE-2024-20356,...

Cisco Integrated Management Controller Username Enumeration Vulnerability

A vulnerability in Cisco Integrated Management Controller could allow an unauthenticated, remote attacker to enumerate valid usernames within the vulnerable application. The vulnerability is due to differences in authentication responses sent back from the application as part of an authentication...

Cisco Critical Flaw Patched in WAN Software Solution

Cisco patched a critical flaw in its wide area network WAN software solution for enterprises, which if exploited could give remote, unauthenticated attackers administrator privileges. The flaw exists in Cisco Virtual Wide Area Application Services vWAAS, which is software that Cisco describes as ...

Input validation

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, local attacker to access the shell of the underlying Linux operating system on the affected device. The vulnerability is due to improper input validation in the affected software. An...

CVE-2019-1656

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, local attacker to access the shell of the underlying Linux operating system on the affected device. The vulnerability is due to improper input validation in the affected software. An...

CVE-2019-1656 Cisco Enterprise NFV Infrastructure Software Linux Shell Access Vulnerability

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, local attacker to access the shell of the underlying Linux operating system on the affected device. The vulnerability is due to improper input validation in the affected software. An...

Cisco Integrated Management Controller Denial of Service Vulnerability

Cisco Unified Computing System UCS C-Series Rack Server version 1.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause the Cisco Integrated Management Controller CIMC, which is used for management/monitoring of the Cisco UCS Rack Server, to stop responding or a...