Lucene search
K
CiscoIntegrated Management Controller

12 matches found

CVE
CVE
•added 2019/06/20 2:50 a.m.•230 views

CVE-2019-1628

The CVE-2019-1628 issue affects Cisco Integrated Management Controller (IMC) web server. It's a numeric/buffer-overflow type vulnerability caused by incorrect bounds checking, exploitable by a crafted HTTP request from an authenticated, local attacker, leading to a process crash and DoS on the de...

5.5CVSS5.5AI score0.00385EPSS
CVE
CVE
•added 2019/06/20 3:5 a.m.•227 views

CVE-2019-1879

CVE-2019-1879 affects Cisco Integrated Management Controller (IMC) CLI. The issue is due to insufficient validation of user-supplied input in CLI commands, allowing an authenticated local attacker to inject and execute arbitrary commands with root privileges. Exploitation requires admin authentic...

7.2CVSS6.8AI score0.0042EPSS
CVE
CVE
•added 2019/06/20 2:55 a.m.•225 views

CVE-2019-1631

CVE-2019-1631 concerns Cisco’s Integrated Management Controller (IMC) Web UI. The vulnerability allows an unauthenticated, remote attacker to view sensitive system usage information due to inadequate data protection in the IMC web interface. An attacker can exploit this by sending a crafted HTTP ...

5.3CVSS5.2AI score0.02248EPSS
CVE
CVE
•added 2019/06/20 2:50 a.m.•224 views

CVE-2019-1630

Cisco CVE-2019-1630 is a denial-of-service vulnerability in the firmware signature checking program of Cisco Integrated Management Controller (IMC). A local, authenticated attacker can trigger a buffer overflow by supplying a crafted file, potentially inhibiting an administrator’s access to the s...

5.5CVSS5.5AI score0.00347EPSS
CVE
CVE
•added 2019/06/20 2:55 a.m.•220 views

CVE-2019-1632

The CVE-2019-1632 entry describes a CSRF vulnerability in Cisco Integrated Management Controller (IMC) where an authenticated remote attacker can cause arbitrary actions via the web-based management interface due to insufficient CSRF protections. Exploitation requires a user to follow a malicious...

8CVSS6AI score0.0055EPSS
CVE
CVE
•added 2019/06/20 2:50 a.m.•200 views

CVE-2019-1629

The CVE-2019-1629 issue affects Cisco Integrated Management Controller (IMC) via the configuration import utility. It stems from a failure to delete temporarily uploaded files, allowing an unauthenticated, remote attacker to gain write access and upload arbitrary data to the filesystem. This coul...

5.3CVSS5.5AI score0.01516EPSS
CVE
CVE
•added 2019/06/20 2:50 a.m.•199 views

CVE-2019-1627

CVE-2019-1627 : Cisco Integrated Management Controller (IMC) Server Utilities contain an information-disclosure vulnerability where an authenticated, remote attacker could download the configuration file due to insufficient protection of data in the configuration data. This could expose sensitive...

6.5CVSS6.4AI score0.01186EPSS
CVE
CVE
•added 2020/11/18 5:41 p.m.•73 views

CVE-2020-3470

Cisco IMC (Integrated Management Controller) API subsystem suffers multiple RCE vulnerabilities due to improper boundary checks on user input, enabling unauthenticated remote code execution with root privileges via crafted HTTP requests. Affected systems include Cisco UCS C-Series and UCS-E/S sto...

10CVSS9.9AI score0.046EPSS
CVE
CVE
•added 2020/11/06 6:16 p.m.•72 views

CVE-2020-3371

CVE-2020-3371 affects Cisco Integrated Management Controller (IMC) via its web UI. The issue is a command-injection vulnerability caused by insufficient input validation, allowing an authenticated, remote attacker to inject and execute arbitrary OS commands over the management interface. Impact i...

9CVSS7.8AI score0.01845EPSS
CVE
CVE
•added 2021/05/06 12:42 p.m.•66 views

CVE-2021-1397

Cisco IMC Open Redirect vulnerability (CVE-2021-1397) affects the web-based management interface of Cisco Integrated Management Controller software. Type: improper input validation in HTTP request parameters, exploitable via a crafted link to redirect users to a malicious site. Impact is open red...

6.1CVSS5.1AI score0.00831EPSS
CVE
CVE
•added 2014/09/10 10:0 a.m.•44 views

CVE-2014-3348

CVE-2014-3348 affects Cisco UCS IMC SSH on E-Series blade servers, with the SSH module prior to 2.3(1) vulnerable to remote, unauthenticated DoS (IMC hang) via a crafted SSH packet. Affected product: Cisco Integrated Management Controller (IMC) in UCS E-Series blade servers. Root cause: improper ...

5CVSS6.6AI score0.02584EPSS
CVE
CVE
•added 2018/11/08 7:0 p.m.•38 views

CVE-2018-15447

CVE-2018-15447 affects Cisco Integrated Management Controller (IMC) Supervisor. The vulnerability stems from inadequate validation of user-supplied input in SQL queries, allowing an unauthenticated, remote attacker to execute arbitrary SQL via crafted URLs to the affected web framework. Documente...

9.8CVSS7.7AI score0.01731EPSS