3 matches found
CVE-2020-3371
CVE-2020-3371 affects Cisco Integrated Management Controller (IMC) via its web UI. The issue is a command-injection vulnerability caused by insufficient input validation, allowing an authenticated, remote attacker to inject and execute arbitrary OS commands over the management interface. Impact i...
CVE-2020-3470
Cisco IMC (Integrated Management Controller) API subsystem suffers multiple RCE vulnerabilities due to improper boundary checks on user input, enabling unauthenticated remote code execution with root privileges via crafted HTTP requests. Affected systems include Cisco UCS C-Series and UCS-E/S sto...
CVE-2021-1397
Cisco IMC Open Redirect vulnerability (CVE-2021-1397) affects the web-based management interface of Cisco Integrated Management Controller software. Type: improper input validation in HTTP request parameters, exploitable via a crafted link to redirect users to a malicious site. Impact is open red...