CVE-2026-20095

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user. This vulnerability is due to improper validation...

CVE-2026-20088

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

CVE-2026-20085

A vulnerability in the web-based management interface of Cisco IMC could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by...

CVE-2026-20087

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

CVE-2026-20090

CVE-2026-20090 affects the web-based management interface of Cisco IMC. The root cause is insufficient validation of user input, enabling a stored XSS if a user with administrative access is coerced into clicking a crafted link. The vulnerability could allow an attacker with network access and ad...

CVE-2026-20090 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

CVE-2026-20090 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

CVE-2026-20089 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

CVE-2026-20088

Cisco IMC’s web-based management interface is affected by a stored XSS vulnerability. The issue arises from insufficient input validation, enabling an authenticated, remote attacker with administrative privileges to lure a user into clicking a crafted link, which could execute arbitrary script co...

CVE-2026-20088 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

CVE-2026-20087 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

CVE-2026-20087

CVE-2026-20087 covers a stored XSS vulnerability in Cisco IMC’s web-based management interface. An authenticated user with administrative privileges could be persuaded to click a crafted link, triggering script execution in the target user’s browser or exposure of browser-based information due to...

CVE-2026-20096

CVE-2026-20096 concerns Cisco Integrated Management Controller (IMC). The issue lies in the web-based management interface where improper validation of user-supplied input allows an authenticated, admin-level attacker to perform command injections, potentially executing arbitrary commands as the ...

CVE-2026-20096 Cisco Integrated Management Controller Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user. This vulnerability is due to improper validation...

CVE-2026-20097

CVE-2026-20097 affects the web-based management interface of Cisco IMC. An authenticated admin could trigger arbitrary code execution as root due to improper validation of user-supplied input, by sending crafted HTTP requests to the device. The impact is execution of code on the underlying OS as ...

CVE-2026-20097 Cisco Integrated Management Controller Remote Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to execute arbitrary code as the root user. This vulnerability is due to improper validation of user-supplied input to the web-based management interface. A...

CVE-2026-20097 Cisco Integrated Management Controller Remote Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to execute arbitrary code as the root user. This vulnerability is due to improper validation of user-supplied input to the web-based management interface. A...

CVE-2026-20094 Cisco Integrated Management Controller Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with read-only privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user. This vulnerability is due to improper validation o...

CVE-2026-20094

Cisco IMC web-based management interface vulnerability allows an authenticated, read-only user to perform command injection and execute arbitrary commands as root due to improper input validation. CVSS 3.1 base score 8.8 (HIGH); impact on confidentiality, integrity, availability HIGH. No exploita...

CVE-2026-20095

CVE-2026-20095 corresponds to a vulnerability in Cisco IMC’s web-based management interface where an authenticated, admin-level attacker can exploit improper input validation to perform command injection and run arbitrary commands as root. Impact is described as root-level execution; no public ex...