Known Vulnerabilities for Integrated Management Controller Supervisor by Cisco

Listed below are 10 of the newest known vulnerabilities associated with "Integrated Management Controller Supervisor" by "Cisco".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2020-3329 A vulnerability in role-based access control of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, ... 4.3 - MEDIUM 2020-05-06 2021-10-26
CVE-2019-1896 A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenti... 7.2 - HIGH 2019-08-21 2023-03-31
CVE-2019-1885 A vulnerability in the Redfish protocol of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote ... 7.2 - HIGH 2019-08-21 2023-03-31
CVE-2019-1883 A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, l... 7.8 - HIGH 2019-08-21 2023-03-31
CVE-2019-1871 A vulnerability in the Import Cisco IMC configuration utility of Cisco Integrated Management Controller (IMC) could allow an ... 7.2 - HIGH 2019-08-21 2019-10-09
CVE-2019-1865 A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an... 8.8 - HIGH 2019-08-21 2023-03-31
CVE-2019-1864 A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an... 8.8 - HIGH 2019-08-21 2023-03-31
CVE-2019-1863 A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an... 8.1 - HIGH 2019-08-21 2020-10-16
CVE-2019-1850 A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an... 7.2 - HIGH 2019-08-21 2019-10-09
CVE-2019-1634 A vulnerability in the Intelligent Platform Management Interface (IPMI) of Cisco Integrated Management Controller (IMC) could... 7.2 - HIGH 2019-08-21 2020-10-16
Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationCiscoIntegrated Management Controller Supervisor4.0\(2f\)AllAllAll
ApplicationCiscoIntegrated Management Controller Supervisor2.2.1.3AllAllAll
ApplicationCiscoIntegrated Management Controller Supervisor2.2.1.0AllAllAll
ApplicationCiscoIntegrated Management Controller Supervisor2.2.0.6AllAllAll
ApplicationCiscoIntegrated Management Controller Supervisor2.2.0.5AllAllAll
ApplicationCiscoIntegrated Management Controller Supervisor2.2.0.4AllAllAll
ApplicationCiscoIntegrated Management Controller Supervisor2.2.0.3AllAllAll
ApplicationCiscoIntegrated Management Controller Supervisor2.2.0.2AllAllAll
ApplicationCiscoIntegrated Management Controller Supervisor2.2.0.1AllAllAll
ApplicationCiscoIntegrated Management Controller Supervisor2.2.0.0AllAllAll
ApplicationCiscoIntegrated Management Controller Supervisor2.1\(0.0\)AllAllAll
ApplicationCiscoIntegrated Management Controller Supervisor2.1.0.2AllAllAll
ApplicationCiscoIntegrated Management Controller Supervisor2.1.0.1AllAllAll
ApplicationCiscoIntegrated Management Controller Supervisor2.1.0.0AllAllAll
ApplicationCiscoIntegrated Management Controller Supervisor1.1.0.0AllAllAll
ApplicationCiscoIntegrated Management Controller Supervisor1.0.0.1AllAllAll
ApplicationCiscoIntegrated Management Controller Supervisor1.0.0.0AllAllAll

Popular searches for Integrated Management Controller Supervisor

Cisco Security Advisory: Cisco Integrated Management Controller Supervisor SQL Injection Vulnerability

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-cimc-sql-inject

Cisco Security Advisory: Cisco Integrated Management Controller Supervisor SQL Injection Vulnerability 1 / -A vulnerability in the web framework code of Cisco Integrated Management Controller IMC Supervisor CiscoSecurityAdvisory/ isco -sa-20181107-cimc-sql-inject

Cisco Systems Vulnerability (computing) SQL Computer security SQL injection Security hacker Windows Metafile vulnerability Software URL Exploit (computer security) Malware Web framework Application software Code injection User (computing) World Wide Web Information Security Execution (computing) Data validation

Cisco Security Advisory: Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data SCP User Default Credentials Vulnerability

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imcs-usercred

Cisco Security Advisory: Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data SCP User Default Credentials Vulnerability vulnerability in Cisco Integrated Management Controller IMC Supervisor , Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account scpuser , which has default user credentials. The vulnerability is due to the presence of a documented default account with an undocumented default password and incorrect permission settings for that account. Changing the default password for this account is not enforced during the installation of the product. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the scpuser account. This includes full read and write access to the system's database. Cisco There are workarounds that address this vulnerability. This advisory is

Cisco Systems Vulnerability (computing) Cisco Unified Computing System User (computing) Big data Secure copy Exploit (computer security) Default password Login Security hacker Computer security Software File system permissions Patch (computing) Command-line interface Database Arbitrary code execution Windows Metafile vulnerability Installation (computer programs) Privilege (computing)

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].
© CVE.report 2023 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report