Lucene search
K

2845 matches found

CVE
CVE
added 2026/04/01 4:28 p.m.102 views

CVE-2026-20093

Cisco IMC contains an authentication bypass vulnerability in its change-password flow. The issue arises from incorrect handling of password-change requests, allowing an unauthenticated, remote attacker to send a crafted HTTP request and bypass authentication, potentially altering any user passwor...

9.8CVSS6AI score0.00991EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/01 4:27 p.m.3 views

CVE-2026-20085 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by...

6.1CVSS6.2AI score0.00184EPSS
Exploits0References1
CVE
CVE
added 2026/04/01 4:27 p.m.71 views

CVE-2026-20085

CVE-2026-20085 affects the web-based management interface of Cisco IMC. The issue is a reflected XSS caused by insufficient input validation that can be triggered when a user clicks a crafted link, enabling an unauthenticated remote attacker to execute arbitrary script code in the user’s browser ...

6.1CVSS6.2AI score0.00184EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/01 4:27 p.m.23 views

CVE-2026-20085 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by...

6.1CVSS0.00184EPSS
Exploits0References1
Cisco
Cisco
added 2026/04/01 4:0 p.m.36 views

Cisco Integrated Management Controller Authentication Bypass Vulnerability

A vulnerability in the change password functionality of Cisco Integrated Management Controller IMC could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of password change requests. An...

9.8CVSS6AI score0.00991EPSS
Exploits0References1
Cisco
Cisco
added 2026/04/01 4:0 p.m.16 views

Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller IMC could allow a remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. For more information about these vulnerabilities, see the Details "details"...

6.1CVSS5.9AI score0.00184EPSS
Exploits0References1
Cisco
Cisco
added 2026/04/01 4:0 p.m.21 views

Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller IMC could allow an authenticated, remote attacker to execute arbitrary code or commands on the underlying operating system of an affected system and elevate privileges to root. For more...

8.8CVSS6.2AI score0.00929EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.5 views

Cisco Integrated Management Controller 跨站脚本漏洞

The Cisco Integrated Management Controller IMC is a set of software developed by Cisco, Inc., used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, powering off, and restarting servers. The Cisco IMC has...

4.8CVSS5.7AI score0.0017EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.8 views

PT-2026-29558

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user. This vulnerability is due to improper validation...

6.5CVSS6.1AI score0.00929EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.10 views

Cisco Integrated Management Controller 输入验证错误漏洞

The Cisco Integrated Management Controller IMC is a set of software developed by Cisco Corporation in the United States, used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, shutting down, and restartin...

9.8CVSS6.1AI score0.00991EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.7 views

Cisco Integrated Management Controller(IMC) 跨站脚本漏洞

The Cisco Integrated Management Controller IMC is a set of software developed by Cisco Corporation in the United States, used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as starting, stopping, and restarting server...

4.8CVSS5.7AI score0.00237EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.6 views

Cisco Integrated Management Controller 命令注入漏洞

The Cisco Integrated Management Controller IMC is a set of software developed by Cisco, Inc., used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, powering off, and restarting servers. The Cisco IMC has...

8.8CVSS6.1AI score0.01094EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.7 views

Cisco Integrated Management Controller(IMC) 跨站脚本漏洞

The Cisco Integrated Management Controller IMC is a set of software developed by Cisco, Inc., used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, powering off, and restarting servers. The Cisco IMC has...

6.1CVSS5.7AI score0.00184EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.6 views

PT-2026-29557

Name of the Vulnerable Software and Affected Versions Cisco Integrated Management Controller IMC affected versions not specified Description A flaw exists in the web-based management interface of Cisco IMC that could allow a remote attacker with read-only privileges to inject commands and execute...

9CVSS6.2AI score0.01094EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.7 views

Cisco Integrated Management Controller(IMC) 缓冲区错误漏洞

The Cisco Integrated Management Controller IMC is a set of software developed by Cisco, Inc., used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, powering off, and restarting servers. The Cisco IMC has...

6.5CVSS6.3AI score0.00549EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.7 views

Cisco Integrated Management Controller(IMC) 跨站脚本漏洞

The Cisco Integrated Management Controller IMC is a set of software developed by Cisco, Inc., used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, powering off, and restarting servers. The Cisco IMC has...

4.8CVSS5.7AI score0.00223EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.8 views

Cisco Integrated Management Controller(IMC) 命令注入漏洞

The Cisco Integrated Management Controller IMC is a set of software developed by Cisco, Inc., used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, powering off, and restarting servers. The Cisco IMC has...

6.5CVSS6.1AI score0.00719EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.7 views

PT-2026-29554

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

4.8CVSS6.2AI score0.00237EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.19 views

PT-2026-29555

Name of the Vulnerable Software and Affected Versions Cisco IMC affected versions not specified Description A flaw exists in the web-based management interface of Cisco IMC that may allow a remote attacker with administrative privileges to perform a stored Cross-Site Scripting XSS attack against ...

4.8CVSS6.2AI score0.00237EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.4 views

PT-2026-29556

Name of the Vulnerable Software and Affected Versions: Cisco Integrated Management Controller IMC versions prior to 4.15.5, Catalyst 8300 Edge uCPE versions prior to 4.18.3, UCS C-Series M5/M6 standalone versions prior to 4.32.260007/4.36.260017/6.01.250174, UCS E-Series M3 versions prior to...

10CVSS6.1AI score0.00991EPSS
Exploits0References84
Rows per page
Query Builder