2845 matches found
CVE-2026-20093
Cisco IMC contains an authentication bypass vulnerability in its change-password flow. The issue arises from incorrect handling of password-change requests, allowing an unauthenticated, remote attacker to send a crafted HTTP request and bypass authentication, potentially altering any user passwor...
CVE-2026-20085 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco IMC could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by...
CVE-2026-20085
CVE-2026-20085 affects the web-based management interface of Cisco IMC. The issue is a reflected XSS caused by insufficient input validation that can be triggered when a user clicks a crafted link, enabling an unauthenticated remote attacker to execute arbitrary script code in the user’s browser ...
CVE-2026-20085 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco IMC could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by...
Cisco Integrated Management Controller Authentication Bypass Vulnerability
A vulnerability in the change password functionality of Cisco Integrated Management Controller IMC could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of password change requests. An...
Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller IMC could allow a remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. For more information about these vulnerabilities, see the Details "details"...
Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller IMC could allow an authenticated, remote attacker to execute arbitrary code or commands on the underlying operating system of an affected system and elevate privileges to root. For more...
Cisco Integrated Management Controller 跨站脚本漏洞
The Cisco Integrated Management Controller IMC is a set of software developed by Cisco, Inc., used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, powering off, and restarting servers. The Cisco IMC has...
PT-2026-29558
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user. This vulnerability is due to improper validation...
Cisco Integrated Management Controller 输入验证错误漏洞
The Cisco Integrated Management Controller IMC is a set of software developed by Cisco Corporation in the United States, used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, shutting down, and restartin...
Cisco Integrated Management Controller(IMC) 跨站脚本漏洞
The Cisco Integrated Management Controller IMC is a set of software developed by Cisco Corporation in the United States, used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as starting, stopping, and restarting server...
Cisco Integrated Management Controller 命令注入漏洞
The Cisco Integrated Management Controller IMC is a set of software developed by Cisco, Inc., used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, powering off, and restarting servers. The Cisco IMC has...
Cisco Integrated Management Controller(IMC) 跨站脚本漏洞
The Cisco Integrated Management Controller IMC is a set of software developed by Cisco, Inc., used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, powering off, and restarting servers. The Cisco IMC has...
PT-2026-29557
Name of the Vulnerable Software and Affected Versions Cisco Integrated Management Controller IMC affected versions not specified Description A flaw exists in the web-based management interface of Cisco IMC that could allow a remote attacker with read-only privileges to inject commands and execute...
Cisco Integrated Management Controller(IMC) 缓冲区错误漏洞
The Cisco Integrated Management Controller IMC is a set of software developed by Cisco, Inc., used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, powering off, and restarting servers. The Cisco IMC has...
Cisco Integrated Management Controller(IMC) 跨站脚本漏洞
The Cisco Integrated Management Controller IMC is a set of software developed by Cisco, Inc., used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, powering off, and restarting servers. The Cisco IMC has...
Cisco Integrated Management Controller(IMC) 命令注入漏洞
The Cisco Integrated Management Controller IMC is a set of software developed by Cisco, Inc., used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, powering off, and restarting servers. The Cisco IMC has...
PT-2026-29554
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...
PT-2026-29555
Name of the Vulnerable Software and Affected Versions Cisco IMC affected versions not specified Description A flaw exists in the web-based management interface of Cisco IMC that may allow a remote attacker with administrative privileges to perform a stored Cross-Site Scripting XSS attack against ...
PT-2026-29556
Name of the Vulnerable Software and Affected Versions: Cisco Integrated Management Controller IMC versions prior to 4.15.5, Catalyst 8300 Edge uCPE versions prior to 4.18.3, UCS C-Series M5/M6 standalone versions prior to 4.32.260007/4.36.260017/6.01.250174, UCS E-Series M3 versions prior to...