Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2026-AVI-0388
Vulnerability from certfr_avis - Published: 2026-04-02 - Updated: 2026-04-02
De multiples vulnérabilités ont été découvertes dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Cisco | Integrated Management Controller (IMC) | Cisco NFVIS versions antérieures à 4.18.3 sur Cisco Catalyst 8300 Series Edge uCPE | ||
| Cisco | Integrated Management Controller (IMC) | Cisco IMC versions antérieures à 4.3(2.260007) sur UCS C-Series M5 Rack Server | ||
| Cisco | Integrated Management Controller (IMC) | Cisco IMC versions antérieures à 3.2.17 sur UCS E-Series M3 | ||
| Cisco | Integrated Management Controller (IMC) | Cisco IMC versions antérieures à 4.3(2.260007) (M5), 4.3(6.260017) (M6) et 6.0(1.250174) (M6) sur Secure Network Server Appliances | ||
| Cisco | Integrated Management Controller (IMC) | Cisco IMC versions 6.x antérieures à 6.0(1.250174) sur UCS C-Series M6 Rack Server | ||
| Cisco | Integrated Management Controller (IMC) | Cisco IMC versions antérieures à 4.3(2.260007) (M5) et 4.3(6.260017) (M6) sur Secure Endpoint Private Cloud Appliances | ||
| Cisco | Smart Software Manager On-Prem | Smart Software Manager On-Prem (SSM On-Prem) versions antérieures à 9-202601 | ||
| Cisco | Integrated Management Controller (IMC) | Cisco IMC versions antérieures à 4.3(2.260007) (M5) et 4.3(6.260017) (M6) sur Secure Malware Analytics Appliances | ||
| Cisco | Integrated Management Controller (IMC) | Cisco IMC versions antérieures à 4.3(2.260007) (M5) et 4.3(6.260017) (M6) sur Secure Firewall Management Center Appliances | ||
| Cisco | Integrated Management Controller (IMC) | Cisco IMC versions antérieures à 4.3(6.260017) (M6) sur IEC6400 Edge Compute Appliances | ||
| Cisco | Integrated Management Controller (IMC) | Cisco IMC versions antérieures à 4.15.3 sur UCS E-Series M6 | ||
| Cisco | Integrated Management Controller (IMC) | Cisco NFVIS versions antérieures à 4.15.5 sur Cisco 5000 Series ENCS | ||
| Cisco | Integrated Management Controller (IMC) | Cisco IMC versions antérieures à 6.0(1.250192) (M6) sur Cisco Telemetry Broker Appliances | ||
| Cisco | Integrated Management Controller (IMC) | Cisco IMC versions antérieures à 4.3(2.260007) (M5) et 6.0(1.250192) (M6) sur Secure Network Analytics Appliances | ||
| Cisco | Integrated Management Controller (IMC) | Cisco IMC versions antérieures à 4.3(6.260017) sur UCS C-Series M6 Rack Server | ||
| Cisco | Evolved Programmable Network Manager (EPNM) | Evolved Programmable Network Manager (EPNM) versions antérieures à 8.1.2 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cisco NFVIS versions ant\u00e9rieures \u00e0 4.18.3 sur Cisco Catalyst 8300 Series Edge uCPE",
"product": {
"name": "Integrated Management Controller (IMC)",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IMC versions ant\u00e9rieures \u00e0 4.3(2.260007) sur UCS C-Series M5 Rack Server ",
"product": {
"name": "Integrated Management Controller (IMC)",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IMC versions ant\u00e9rieures \u00e0 3.2.17 sur UCS E-Series M3",
"product": {
"name": "Integrated Management Controller (IMC)",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IMC versions ant\u00e9rieures \u00e0 4.3(2.260007) (M5), 4.3(6.260017) (M6) et 6.0(1.250174) (M6) sur Secure Network Server Appliances",
"product": {
"name": "Integrated Management Controller (IMC)",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IMC versions 6.x ant\u00e9rieures \u00e0 6.0(1.250174) sur UCS C-Series M6 Rack Server ",
"product": {
"name": "Integrated Management Controller (IMC)",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IMC versions ant\u00e9rieures \u00e0 4.3(2.260007) (M5) et 4.3(6.260017) (M6) sur Secure Endpoint Private Cloud Appliances",
"product": {
"name": "Integrated Management Controller (IMC)",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Smart Software Manager On-Prem (SSM On-Prem) versions ant\u00e9rieures \u00e0 9-202601",
"product": {
"name": "Smart Software Manager On-Prem",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IMC versions ant\u00e9rieures \u00e0 4.3(2.260007) (M5) et 4.3(6.260017) (M6) sur Secure Malware Analytics Appliances",
"product": {
"name": "Integrated Management Controller (IMC)",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IMC versions ant\u00e9rieures \u00e0 4.3(2.260007) (M5) et 4.3(6.260017) (M6) sur Secure Firewall Management Center Appliances",
"product": {
"name": "Integrated Management Controller (IMC)",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IMC versions ant\u00e9rieures \u00e0 4.3(6.260017) (M6) sur IEC6400 Edge Compute Appliances",
"product": {
"name": "Integrated Management Controller (IMC)",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IMC versions ant\u00e9rieures \u00e0 4.15.3 sur UCS E-Series M6",
"product": {
"name": "Integrated Management Controller (IMC)",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco NFVIS versions ant\u00e9rieures \u00e0 4.15.5 sur Cisco 5000 Series ENCS",
"product": {
"name": "Integrated Management Controller (IMC)",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IMC versions ant\u00e9rieures \u00e0 6.0(1.250192) (M6) sur Cisco Telemetry Broker Appliances",
"product": {
"name": "Integrated Management Controller (IMC)",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IMC versions ant\u00e9rieures \u00e0 4.3(2.260007) (M5) et 6.0(1.250192) (M6) sur Secure Network Analytics Appliances",
"product": {
"name": "Integrated Management Controller (IMC)",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco IMC versions ant\u00e9rieures \u00e0 4.3(6.260017) sur UCS C-Series M6 Rack Server ",
"product": {
"name": "Integrated Management Controller (IMC)",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Evolved Programmable Network Manager (EPNM) versions ant\u00e9rieures \u00e0 8.1.2",
"product": {
"name": "Evolved Programmable Network Manager (EPNM)",
"vendor": {
"name": "Cisco",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-20094",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20094"
},
{
"name": "CVE-2026-20151",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20151"
},
{
"name": "CVE-2026-20155",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20155"
},
{
"name": "CVE-2026-20096",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20096"
},
{
"name": "CVE-2026-20097",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20097"
},
{
"name": "CVE-2026-20160",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20160"
},
{
"name": "CVE-2026-20095",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20095"
},
{
"name": "CVE-2026-20093",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20093"
}
],
"initial_release_date": "2026-04-02T00:00:00",
"last_revision_date": "2026-04-02T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0388",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-04-02T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
"vendor_advisories": [
{
"published_at": "2026-04-01",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ssm-cli-execution-cHUcWuNr",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssm-cli-execution-cHUcWuNr"
},
{
"published_at": "2026-04-01",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-cimc-auth-bypass-AgG2BxTn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-bypass-AgG2BxTn"
},
{
"published_at": "2026-04-01",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-cimc-cmd-inj-3hKN3bVt",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-3hKN3bVt"
},
{
"published_at": "2026-04-01",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-cssm-priv-esc-xRAnOuO8",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-xRAnOuO8"
},
{
"published_at": "2026-04-01",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-epnm-improp-auth-mUwFWUU3",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-improp-auth-mUwFWUU3"
}
]
}
CVE-2026-20097 (GCVE-0-2026-20097)
Vulnerability from cvelistv5 – Published: 2026-04-01 16:29 – Updated: 2026-04-02 03:56
VLAI?
EPSS
Title
Cisco Integrated Management Controller Remote Code Execution Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to execute arbitrary code as the root user. This vulnerability is due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
Cisco has assigned this vulnerability a SIR of High rather than Medium as the score indicates because additional security implications could occur when the attacker becomes root.
Severity ?
6.5 (Medium)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Computing System (Standalone) |
Affected:
4.0(2g)
Affected: 3.1(2i) Affected: 3.1(1d) Affected: 4.0(4i) Affected: 4.1(1c) Affected: 4.0(2c) Affected: 4.0(1e) Affected: 4.0(2h) Affected: 4.0(4h) Affected: 4.0(1h) Affected: 4.0(2l) Affected: 3.1(3g) Affected: 4.0(1.240) Affected: 4.0(2f) Affected: 4.0(1g) Affected: 4.0(2i) Affected: 3.1(3i) Affected: 4.0(4d) Affected: 4.1(1d) Affected: 3.1(3c) Affected: 4.0(4k) Affected: 3.1(2d) Affected: 3.1(3a) Affected: 3.1(3j) Affected: 4.0(2d) Affected: 4.1(1f) Affected: 4.0(1c) Affected: 4.0(4f) Affected: 4.0(4c) Affected: 3.1(3d) Affected: 3.1(2g) Affected: 3.1(2c) Affected: 4.0(1d) Affected: 3.1(2e) Affected: 4.0(1a) Affected: 4.0(1b) Affected: 3.1(3b) Affected: 4.0(4b) Affected: 3.1(2b) Affected: 4.0(4e) Affected: 3.1(3h) Affected: 4.0(4l) Affected: 4.1(1g) Affected: 4.1(2a) Affected: 4.0(2n) Affected: 4.1(1h) Affected: 3.1(3k) Affected: 4.1(2b) Affected: 4.0(2o) Affected: 4.0(4m) Affected: 4.1(2d) Affected: 4.1(3b) Affected: 4.0(2p) Affected: 4.1(2e) Affected: 4.1(2f) Affected: 4.0(4n) Affected: 4.0(2q) Affected: 4.1(3c) Affected: 4.0(2r) Affected: 4.1(3d) Affected: 4.1(2g) Affected: 4.1(2h) Affected: 4.1(3f) Affected: 4.1(2j) Affected: 4.1(2k) Affected: 4.1(3h) Affected: 4.2(2a) Affected: 4.1(3i) Affected: 4.2(2f) Affected: 4.2(2g) Affected: 4.2(3b) Affected: 4.1(3l) Affected: 4.2(3d) Affected: 4.3(1.230097) Affected: 4.2(1e) Affected: 4.2(1b) Affected: 4.2(1j) Affected: 4.2(1i) Affected: 4.2(1f) Affected: 4.2(1a) Affected: 4.2(1c) Affected: 4.2(1g) Affected: 4.3(1.230124) Affected: 4.1(2l) Affected: 4.2(3e) Affected: 4.3(1.230138) Affected: 4.2(3g) Affected: 4.3(2.230207) Affected: 4.2(3h) Affected: 4.2(3i) Affected: 4.3(2.230270) Affected: 4.1(3m) Affected: 4.1(2m) Affected: 4.3(2.240002) Affected: 4.3(3.240022) Affected: 4.2(3j) Affected: 4.1(3n) Affected: 4.3(2.240009) Affected: 4.3(3.240043) Affected: 4.3(4.240142) Affected: 4.3(2.240037) Affected: 4.3(2.240053) Affected: 4.3(4.240152) Affected: 4.2(3l) Affected: 4.3(2.240077) Affected: 4.3(4.242028) Affected: 4.3(4.241063) Affected: 4.3(4.242038) Affected: 4.2(3m) Affected: 4.3(2.240090) Affected: 4.3(5.240021) Affected: 4.3(2.240107) Affected: 4.3(4.242066) Affected: 4.2(3n) Affected: 4.3(5.250001) Affected: 4.2(3o) Affected: 4.3(2.250016) Affected: 4.3(2.250021) Affected: 4.3(5.250030) Affected: 4.3(2.250022) Affected: 4.3(6.250040) Affected: 4.3(5.250033) Affected: 4.3(6.250044) Affected: 4.3(6.250053) Affected: 4.3(2.250037) Affected: 4.3(2.250045) Affected: 4.3(4.252001) Affected: 4.3(4.252002) Affected: 6.0(1.250127) Affected: 4.2(3p) Affected: 6.0(1.250131) Affected: 4.3(6.250101) Affected: 6.0(1.250174) Affected: 4.3(6.250117) Affected: 4.3(5.250043) Affected: 4.3(6.250039) Affected: 4.3(5.250045) Affected: 4.3(6.250060) Affected: 6.0(1.250130) Affected: 4.3(4.241014) Affected: 4.3(2.250063) Affected: 6.0(1.250192) Affected: 4.3(6.260003) Affected: 6.0(1.250194) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20097",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T03:56:16.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Computing System (Standalone)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0(2g)"
},
{
"status": "affected",
"version": "3.1(2i)"
},
{
"status": "affected",
"version": "3.1(1d)"
},
{
"status": "affected",
"version": "4.0(4i)"
},
{
"status": "affected",
"version": "4.1(1c)"
},
{
"status": "affected",
"version": "4.0(2c)"
},
{
"status": "affected",
"version": "4.0(1e)"
},
{
"status": "affected",
"version": "4.0(2h)"
},
{
"status": "affected",
"version": "4.0(4h)"
},
{
"status": "affected",
"version": "4.0(1h)"
},
{
"status": "affected",
"version": "4.0(2l)"
},
{
"status": "affected",
"version": "3.1(3g)"
},
{
"status": "affected",
"version": "4.0(1.240)"
},
{
"status": "affected",
"version": "4.0(2f)"
},
{
"status": "affected",
"version": "4.0(1g)"
},
{
"status": "affected",
"version": "4.0(2i)"
},
{
"status": "affected",
"version": "3.1(3i)"
},
{
"status": "affected",
"version": "4.0(4d)"
},
{
"status": "affected",
"version": "4.1(1d)"
},
{
"status": "affected",
"version": "3.1(3c)"
},
{
"status": "affected",
"version": "4.0(4k)"
},
{
"status": "affected",
"version": "3.1(2d)"
},
{
"status": "affected",
"version": "3.1(3a)"
},
{
"status": "affected",
"version": "3.1(3j)"
},
{
"status": "affected",
"version": "4.0(2d)"
},
{
"status": "affected",
"version": "4.1(1f)"
},
{
"status": "affected",
"version": "4.0(1c)"
},
{
"status": "affected",
"version": "4.0(4f)"
},
{
"status": "affected",
"version": "4.0(4c)"
},
{
"status": "affected",
"version": "3.1(3d)"
},
{
"status": "affected",
"version": "3.1(2g)"
},
{
"status": "affected",
"version": "3.1(2c)"
},
{
"status": "affected",
"version": "4.0(1d)"
},
{
"status": "affected",
"version": "3.1(2e)"
},
{
"status": "affected",
"version": "4.0(1a)"
},
{
"status": "affected",
"version": "4.0(1b)"
},
{
"status": "affected",
"version": "3.1(3b)"
},
{
"status": "affected",
"version": "4.0(4b)"
},
{
"status": "affected",
"version": "3.1(2b)"
},
{
"status": "affected",
"version": "4.0(4e)"
},
{
"status": "affected",
"version": "3.1(3h)"
},
{
"status": "affected",
"version": "4.0(4l)"
},
{
"status": "affected",
"version": "4.1(1g)"
},
{
"status": "affected",
"version": "4.1(2a)"
},
{
"status": "affected",
"version": "4.0(2n)"
},
{
"status": "affected",
"version": "4.1(1h)"
},
{
"status": "affected",
"version": "3.1(3k)"
},
{
"status": "affected",
"version": "4.1(2b)"
},
{
"status": "affected",
"version": "4.0(2o)"
},
{
"status": "affected",
"version": "4.0(4m)"
},
{
"status": "affected",
"version": "4.1(2d)"
},
{
"status": "affected",
"version": "4.1(3b)"
},
{
"status": "affected",
"version": "4.0(2p)"
},
{
"status": "affected",
"version": "4.1(2e)"
},
{
"status": "affected",
"version": "4.1(2f)"
},
{
"status": "affected",
"version": "4.0(4n)"
},
{
"status": "affected",
"version": "4.0(2q)"
},
{
"status": "affected",
"version": "4.1(3c)"
},
{
"status": "affected",
"version": "4.0(2r)"
},
{
"status": "affected",
"version": "4.1(3d)"
},
{
"status": "affected",
"version": "4.1(2g)"
},
{
"status": "affected",
"version": "4.1(2h)"
},
{
"status": "affected",
"version": "4.1(3f)"
},
{
"status": "affected",
"version": "4.1(2j)"
},
{
"status": "affected",
"version": "4.1(2k)"
},
{
"status": "affected",
"version": "4.1(3h)"
},
{
"status": "affected",
"version": "4.2(2a)"
},
{
"status": "affected",
"version": "4.1(3i)"
},
{
"status": "affected",
"version": "4.2(2f)"
},
{
"status": "affected",
"version": "4.2(2g)"
},
{
"status": "affected",
"version": "4.2(3b)"
},
{
"status": "affected",
"version": "4.1(3l)"
},
{
"status": "affected",
"version": "4.2(3d)"
},
{
"status": "affected",
"version": "4.3(1.230097)"
},
{
"status": "affected",
"version": "4.2(1e)"
},
{
"status": "affected",
"version": "4.2(1b)"
},
{
"status": "affected",
"version": "4.2(1j)"
},
{
"status": "affected",
"version": "4.2(1i)"
},
{
"status": "affected",
"version": "4.2(1f)"
},
{
"status": "affected",
"version": "4.2(1a)"
},
{
"status": "affected",
"version": "4.2(1c)"
},
{
"status": "affected",
"version": "4.2(1g)"
},
{
"status": "affected",
"version": "4.3(1.230124)"
},
{
"status": "affected",
"version": "4.1(2l)"
},
{
"status": "affected",
"version": "4.2(3e)"
},
{
"status": "affected",
"version": "4.3(1.230138)"
},
{
"status": "affected",
"version": "4.2(3g)"
},
{
"status": "affected",
"version": "4.3(2.230207)"
},
{
"status": "affected",
"version": "4.2(3h)"
},
{
"status": "affected",
"version": "4.2(3i)"
},
{
"status": "affected",
"version": "4.3(2.230270)"
},
{
"status": "affected",
"version": "4.1(3m)"
},
{
"status": "affected",
"version": "4.1(2m)"
},
{
"status": "affected",
"version": "4.3(2.240002)"
},
{
"status": "affected",
"version": "4.3(3.240022)"
},
{
"status": "affected",
"version": "4.2(3j)"
},
{
"status": "affected",
"version": "4.1(3n)"
},
{
"status": "affected",
"version": "4.3(2.240009)"
},
{
"status": "affected",
"version": "4.3(3.240043)"
},
{
"status": "affected",
"version": "4.3(4.240142)"
},
{
"status": "affected",
"version": "4.3(2.240037)"
},
{
"status": "affected",
"version": "4.3(2.240053)"
},
{
"status": "affected",
"version": "4.3(4.240152)"
},
{
"status": "affected",
"version": "4.2(3l)"
},
{
"status": "affected",
"version": "4.3(2.240077)"
},
{
"status": "affected",
"version": "4.3(4.242028)"
},
{
"status": "affected",
"version": "4.3(4.241063)"
},
{
"status": "affected",
"version": "4.3(4.242038)"
},
{
"status": "affected",
"version": "4.2(3m)"
},
{
"status": "affected",
"version": "4.3(2.240090)"
},
{
"status": "affected",
"version": "4.3(5.240021)"
},
{
"status": "affected",
"version": "4.3(2.240107)"
},
{
"status": "affected",
"version": "4.3(4.242066)"
},
{
"status": "affected",
"version": "4.2(3n)"
},
{
"status": "affected",
"version": "4.3(5.250001)"
},
{
"status": "affected",
"version": "4.2(3o)"
},
{
"status": "affected",
"version": "4.3(2.250016)"
},
{
"status": "affected",
"version": "4.3(2.250021)"
},
{
"status": "affected",
"version": "4.3(5.250030)"
},
{
"status": "affected",
"version": "4.3(2.250022)"
},
{
"status": "affected",
"version": "4.3(6.250040)"
},
{
"status": "affected",
"version": "4.3(5.250033)"
},
{
"status": "affected",
"version": "4.3(6.250044)"
},
{
"status": "affected",
"version": "4.3(6.250053)"
},
{
"status": "affected",
"version": "4.3(2.250037)"
},
{
"status": "affected",
"version": "4.3(2.250045)"
},
{
"status": "affected",
"version": "4.3(4.252001)"
},
{
"status": "affected",
"version": "4.3(4.252002)"
},
{
"status": "affected",
"version": "6.0(1.250127)"
},
{
"status": "affected",
"version": "4.2(3p)"
},
{
"status": "affected",
"version": "6.0(1.250131)"
},
{
"status": "affected",
"version": "4.3(6.250101)"
},
{
"status": "affected",
"version": "6.0(1.250174)"
},
{
"status": "affected",
"version": "4.3(6.250117)"
},
{
"status": "affected",
"version": "4.3(5.250043)"
},
{
"status": "affected",
"version": "4.3(6.250039)"
},
{
"status": "affected",
"version": "4.3(5.250045)"
},
{
"status": "affected",
"version": "4.3(6.250060)"
},
{
"status": "affected",
"version": "6.0(1.250130)"
},
{
"status": "affected",
"version": "4.3(4.241014)"
},
{
"status": "affected",
"version": "4.3(2.250063)"
},
{
"status": "affected",
"version": "6.0(1.250192)"
},
{
"status": "affected",
"version": "4.3(6.260003)"
},
{
"status": "affected",
"version": "6.0(1.250194)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to execute arbitrary code as the root user.\u0026nbsp;This vulnerability is due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.\r\n\r\nCisco has assigned this vulnerability a SIR of High rather than Medium as the score indicates because additional security implications could occur when the attacker becomes root."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T16:29:00.607Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cimc-cmd-inj-3hKN3bVt",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-3hKN3bVt"
}
],
"source": {
"advisory": "cisco-sa-cimc-cmd-inj-3hKN3bVt",
"defects": [
"CSCwr60925"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Integrated Management Controller Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20097",
"datePublished": "2026-04-01T16:29:00.607Z",
"dateReserved": "2025-10-08T11:59:15.369Z",
"dateUpdated": "2026-04-02T03:56:16.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20094 (GCVE-0-2026-20094)
Vulnerability from cvelistv5 – Published: 2026-04-01 16:28 – Updated: 2026-04-02 03:56
VLAI?
EPSS
Title
Cisco Integrated Management Controller Command Injection Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with read-only privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user.
This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as the root user.
Severity ?
8.8 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Unified Computing System (Standalone) |
Affected:
4.0(2g)
Affected: 3.1(2i) Affected: 3.1(1d) Affected: 4.0(4i) Affected: 4.1(1c) Affected: 4.0(2c) Affected: 4.0(1e) Affected: 4.0(2h) Affected: 4.0(4h) Affected: 4.0(1h) Affected: 4.0(2l) Affected: 3.1(3g) Affected: 4.0(1.240) Affected: 4.0(2f) Affected: 4.0(1g) Affected: 4.0(2i) Affected: 3.1(3i) Affected: 4.0(4d) Affected: 4.1(1d) Affected: 3.1(3c) Affected: 4.0(4k) Affected: 3.1(2d) Affected: 3.1(3a) Affected: 3.1(3j) Affected: 4.0(2d) Affected: 4.1(1f) Affected: 4.0(4j) Affected: 4.0(2m) Affected: 4.0(2k) Affected: 4.0(1c) Affected: 4.0(4f) Affected: 4.0(4c) Affected: 3.1(3d) Affected: 3.1(2g) Affected: 3.1(2c) Affected: 4.0(1d) Affected: 3.1(2e) Affected: 4.0(1a) Affected: 4.0(1b) Affected: 3.1(3b) Affected: 4.0(4b) Affected: 3.1(2b) Affected: 4.0(4e) Affected: 3.1(3h) Affected: 4.0(4l) Affected: 4.1(1g) Affected: 4.1(2a) Affected: 4.0(2n) Affected: 4.1(1h) Affected: 3.1(3k) Affected: 4.1(2b) Affected: 4.0(2o) Affected: 4.0(4m) Affected: 4.1(2d) Affected: 4.1(3b) Affected: 4.0(2p) Affected: 4.1(2e) Affected: 4.1(2f) Affected: 4.0(4n) Affected: 4.0(2q) Affected: 4.1(3c) Affected: 4.0(2r) Affected: 4.1(3d) Affected: 4.1(2g) Affected: 4.1(2h) Affected: 4.1(3g) Affected: 4.1(3f) Affected: 4.1(2j) Affected: 4.1(2k) Affected: 4.1(3h) Affected: 4.2(2a) Affected: 4.1(3i) Affected: 4.2(2f) Affected: 4.2(2g) Affected: 4.2(3b) Affected: 4.1(3l) Affected: 4.2(3d) Affected: 4.3(1.230097) Affected: 4.2(1e) Affected: 4.2(1b) Affected: 4.2(1j) Affected: 4.2(1i) Affected: 4.2(1f) Affected: 4.2(1a) Affected: 4.2(1c) Affected: 4.2(1g) Affected: 4.3(1.230124) Affected: 4.1(2l) Affected: 4.2(3e) Affected: 4.3(1.230138) Affected: 4.2(3g) Affected: 4.3(2.230207) Affected: 4.2(3h) Affected: 4.2(3i) Affected: 4.3(2.230270) Affected: 4.1(3m) Affected: 4.1(2m) Affected: 4.3(2.240002) Affected: 4.3(3.240022) Affected: 4.2(3j) Affected: 4.1(3n) Affected: 4.3(2.240009) Affected: 4.3(3.240041) Affected: 4.2(3k) Affected: 4.3(3.240043) Affected: 4.3(4.240142) Affected: 4.3(2.240037) Affected: 4.3(2.240053) Affected: 4.3(4.240152) Affected: 4.2(3l) Affected: 4.3(2.240077) Affected: 4.3(4.242028) Affected: 4.3(4.241063) Affected: 4.3(4.242038) Affected: 4.2(3m) Affected: 4.3(2.240090) Affected: 4.3(5.240021) Affected: 4.3(2.240107) Affected: 4.3(4.242066) Affected: 4.2(3n) Affected: 4.3(5.250001) Affected: 4.2(3o) Affected: 4.3(2.250016) Affected: 4.3(2.250021) Affected: 4.3(5.250030) Affected: 4.3(2.250022) Affected: 4.3(6.250039) Affected: 4.3(6.250040) Affected: 4.3(5.250033) Affected: 4.3(6.250044) Affected: 4.3(6.250053) Affected: 4.3(2.250037) Affected: 4.3(2.250045) Affected: 4.3(4.252001) Affected: 4.3(4.252002) Affected: 6.0(1.250127) Affected: 4.2(3p) Affected: 6.0(1.250131) Affected: 4.3(6.250101) Affected: 6.0(1.250174) Affected: 4.3(6.250117) Affected: 4.3(5.250043) Affected: 4.3(5.250045) Affected: 4.3(6.250060) Affected: 6.0(1.250130) Affected: 4.3(4.241014) Affected: 4.3(2.250063) Affected: 6.0(1.250192) Affected: 4.3(6.260003) Affected: 6.0(1.250194) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20094",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T03:56:15.176Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Computing System (Standalone)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0(2g)"
},
{
"status": "affected",
"version": "3.1(2i)"
},
{
"status": "affected",
"version": "3.1(1d)"
},
{
"status": "affected",
"version": "4.0(4i)"
},
{
"status": "affected",
"version": "4.1(1c)"
},
{
"status": "affected",
"version": "4.0(2c)"
},
{
"status": "affected",
"version": "4.0(1e)"
},
{
"status": "affected",
"version": "4.0(2h)"
},
{
"status": "affected",
"version": "4.0(4h)"
},
{
"status": "affected",
"version": "4.0(1h)"
},
{
"status": "affected",
"version": "4.0(2l)"
},
{
"status": "affected",
"version": "3.1(3g)"
},
{
"status": "affected",
"version": "4.0(1.240)"
},
{
"status": "affected",
"version": "4.0(2f)"
},
{
"status": "affected",
"version": "4.0(1g)"
},
{
"status": "affected",
"version": "4.0(2i)"
},
{
"status": "affected",
"version": "3.1(3i)"
},
{
"status": "affected",
"version": "4.0(4d)"
},
{
"status": "affected",
"version": "4.1(1d)"
},
{
"status": "affected",
"version": "3.1(3c)"
},
{
"status": "affected",
"version": "4.0(4k)"
},
{
"status": "affected",
"version": "3.1(2d)"
},
{
"status": "affected",
"version": "3.1(3a)"
},
{
"status": "affected",
"version": "3.1(3j)"
},
{
"status": "affected",
"version": "4.0(2d)"
},
{
"status": "affected",
"version": "4.1(1f)"
},
{
"status": "affected",
"version": "4.0(4j)"
},
{
"status": "affected",
"version": "4.0(2m)"
},
{
"status": "affected",
"version": "4.0(2k)"
},
{
"status": "affected",
"version": "4.0(1c)"
},
{
"status": "affected",
"version": "4.0(4f)"
},
{
"status": "affected",
"version": "4.0(4c)"
},
{
"status": "affected",
"version": "3.1(3d)"
},
{
"status": "affected",
"version": "3.1(2g)"
},
{
"status": "affected",
"version": "3.1(2c)"
},
{
"status": "affected",
"version": "4.0(1d)"
},
{
"status": "affected",
"version": "3.1(2e)"
},
{
"status": "affected",
"version": "4.0(1a)"
},
{
"status": "affected",
"version": "4.0(1b)"
},
{
"status": "affected",
"version": "3.1(3b)"
},
{
"status": "affected",
"version": "4.0(4b)"
},
{
"status": "affected",
"version": "3.1(2b)"
},
{
"status": "affected",
"version": "4.0(4e)"
},
{
"status": "affected",
"version": "3.1(3h)"
},
{
"status": "affected",
"version": "4.0(4l)"
},
{
"status": "affected",
"version": "4.1(1g)"
},
{
"status": "affected",
"version": "4.1(2a)"
},
{
"status": "affected",
"version": "4.0(2n)"
},
{
"status": "affected",
"version": "4.1(1h)"
},
{
"status": "affected",
"version": "3.1(3k)"
},
{
"status": "affected",
"version": "4.1(2b)"
},
{
"status": "affected",
"version": "4.0(2o)"
},
{
"status": "affected",
"version": "4.0(4m)"
},
{
"status": "affected",
"version": "4.1(2d)"
},
{
"status": "affected",
"version": "4.1(3b)"
},
{
"status": "affected",
"version": "4.0(2p)"
},
{
"status": "affected",
"version": "4.1(2e)"
},
{
"status": "affected",
"version": "4.1(2f)"
},
{
"status": "affected",
"version": "4.0(4n)"
},
{
"status": "affected",
"version": "4.0(2q)"
},
{
"status": "affected",
"version": "4.1(3c)"
},
{
"status": "affected",
"version": "4.0(2r)"
},
{
"status": "affected",
"version": "4.1(3d)"
},
{
"status": "affected",
"version": "4.1(2g)"
},
{
"status": "affected",
"version": "4.1(2h)"
},
{
"status": "affected",
"version": "4.1(3g)"
},
{
"status": "affected",
"version": "4.1(3f)"
},
{
"status": "affected",
"version": "4.1(2j)"
},
{
"status": "affected",
"version": "4.1(2k)"
},
{
"status": "affected",
"version": "4.1(3h)"
},
{
"status": "affected",
"version": "4.2(2a)"
},
{
"status": "affected",
"version": "4.1(3i)"
},
{
"status": "affected",
"version": "4.2(2f)"
},
{
"status": "affected",
"version": "4.2(2g)"
},
{
"status": "affected",
"version": "4.2(3b)"
},
{
"status": "affected",
"version": "4.1(3l)"
},
{
"status": "affected",
"version": "4.2(3d)"
},
{
"status": "affected",
"version": "4.3(1.230097)"
},
{
"status": "affected",
"version": "4.2(1e)"
},
{
"status": "affected",
"version": "4.2(1b)"
},
{
"status": "affected",
"version": "4.2(1j)"
},
{
"status": "affected",
"version": "4.2(1i)"
},
{
"status": "affected",
"version": "4.2(1f)"
},
{
"status": "affected",
"version": "4.2(1a)"
},
{
"status": "affected",
"version": "4.2(1c)"
},
{
"status": "affected",
"version": "4.2(1g)"
},
{
"status": "affected",
"version": "4.3(1.230124)"
},
{
"status": "affected",
"version": "4.1(2l)"
},
{
"status": "affected",
"version": "4.2(3e)"
},
{
"status": "affected",
"version": "4.3(1.230138)"
},
{
"status": "affected",
"version": "4.2(3g)"
},
{
"status": "affected",
"version": "4.3(2.230207)"
},
{
"status": "affected",
"version": "4.2(3h)"
},
{
"status": "affected",
"version": "4.2(3i)"
},
{
"status": "affected",
"version": "4.3(2.230270)"
},
{
"status": "affected",
"version": "4.1(3m)"
},
{
"status": "affected",
"version": "4.1(2m)"
},
{
"status": "affected",
"version": "4.3(2.240002)"
},
{
"status": "affected",
"version": "4.3(3.240022)"
},
{
"status": "affected",
"version": "4.2(3j)"
},
{
"status": "affected",
"version": "4.1(3n)"
},
{
"status": "affected",
"version": "4.3(2.240009)"
},
{
"status": "affected",
"version": "4.3(3.240041)"
},
{
"status": "affected",
"version": "4.2(3k)"
},
{
"status": "affected",
"version": "4.3(3.240043)"
},
{
"status": "affected",
"version": "4.3(4.240142)"
},
{
"status": "affected",
"version": "4.3(2.240037)"
},
{
"status": "affected",
"version": "4.3(2.240053)"
},
{
"status": "affected",
"version": "4.3(4.240152)"
},
{
"status": "affected",
"version": "4.2(3l)"
},
{
"status": "affected",
"version": "4.3(2.240077)"
},
{
"status": "affected",
"version": "4.3(4.242028)"
},
{
"status": "affected",
"version": "4.3(4.241063)"
},
{
"status": "affected",
"version": "4.3(4.242038)"
},
{
"status": "affected",
"version": "4.2(3m)"
},
{
"status": "affected",
"version": "4.3(2.240090)"
},
{
"status": "affected",
"version": "4.3(5.240021)"
},
{
"status": "affected",
"version": "4.3(2.240107)"
},
{
"status": "affected",
"version": "4.3(4.242066)"
},
{
"status": "affected",
"version": "4.2(3n)"
},
{
"status": "affected",
"version": "4.3(5.250001)"
},
{
"status": "affected",
"version": "4.2(3o)"
},
{
"status": "affected",
"version": "4.3(2.250016)"
},
{
"status": "affected",
"version": "4.3(2.250021)"
},
{
"status": "affected",
"version": "4.3(5.250030)"
},
{
"status": "affected",
"version": "4.3(2.250022)"
},
{
"status": "affected",
"version": "4.3(6.250039)"
},
{
"status": "affected",
"version": "4.3(6.250040)"
},
{
"status": "affected",
"version": "4.3(5.250033)"
},
{
"status": "affected",
"version": "4.3(6.250044)"
},
{
"status": "affected",
"version": "4.3(6.250053)"
},
{
"status": "affected",
"version": "4.3(2.250037)"
},
{
"status": "affected",
"version": "4.3(2.250045)"
},
{
"status": "affected",
"version": "4.3(4.252001)"
},
{
"status": "affected",
"version": "4.3(4.252002)"
},
{
"status": "affected",
"version": "6.0(1.250127)"
},
{
"status": "affected",
"version": "4.2(3p)"
},
{
"status": "affected",
"version": "6.0(1.250131)"
},
{
"status": "affected",
"version": "4.3(6.250101)"
},
{
"status": "affected",
"version": "6.0(1.250174)"
},
{
"status": "affected",
"version": "4.3(6.250117)"
},
{
"status": "affected",
"version": "4.3(5.250043)"
},
{
"status": "affected",
"version": "4.3(5.250045)"
},
{
"status": "affected",
"version": "4.3(6.250060)"
},
{
"status": "affected",
"version": "6.0(1.250130)"
},
{
"status": "affected",
"version": "4.3(4.241014)"
},
{
"status": "affected",
"version": "4.3(2.250063)"
},
{
"status": "affected",
"version": "6.0(1.250192)"
},
{
"status": "affected",
"version": "4.3(6.260003)"
},
{
"status": "affected",
"version": "6.0(1.250194)"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Computing System E-Series Software (UCSE)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.2.7"
},
{
"status": "affected",
"version": "3.2.6"
},
{
"status": "affected",
"version": "3.2.4"
},
{
"status": "affected",
"version": "3.2.10"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.2.3"
},
{
"status": "affected",
"version": "2.4.0"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.2.11.1"
},
{
"status": "affected",
"version": "3.2.8"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "2.3.2"
},
{
"status": "affected",
"version": "2.3.5"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "2.4.1"
},
{
"status": "affected",
"version": "2.3.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "2.3.3"
},
{
"status": "affected",
"version": "2.4.2"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "3.2.11.3"
},
{
"status": "affected",
"version": "3.2.11.5"
},
{
"status": "affected",
"version": "3.2.12.2"
},
{
"status": "affected",
"version": "3.2.13.6"
},
{
"status": "affected",
"version": "3.2.14"
},
{
"status": "affected",
"version": "4.11.1"
},
{
"status": "affected",
"version": "3.2.15"
},
{
"status": "affected",
"version": "4.12.1"
},
{
"status": "affected",
"version": "3.2.15.3"
},
{
"status": "affected",
"version": "4.12.2"
},
{
"status": "affected",
"version": "3.2.16.1"
},
{
"status": "affected",
"version": "4.00"
},
{
"status": "affected",
"version": "4.15.2"
},
{
"status": "affected",
"version": "4.02"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with read-only privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user.\r\n\r\nThis vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as the root user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T16:28:50.641Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cimc-cmd-inj-3hKN3bVt",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-3hKN3bVt"
}
],
"source": {
"advisory": "cisco-sa-cimc-cmd-inj-3hKN3bVt",
"defects": [
"CSCwr60021"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Integrated Management Controller Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20094",
"datePublished": "2026-04-01T16:28:50.641Z",
"dateReserved": "2025-10-08T11:59:15.369Z",
"dateUpdated": "2026-04-02T03:56:15.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20151 (GCVE-0-2026-20151)
Vulnerability from cvelistv5 – Published: 2026-04-01 16:29 – Updated: 2026-04-02 03:56
VLAI?
EPSS
Title
Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability
Summary
A vulnerability in the web interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges on an affected system.
This vulnerability is due to the improper transmission of sensitive user information. An attacker could exploit this vulnerability by sending a crafted message to an affected Cisco SSM On-Prem host and retrieving session credentials from subsequent status messages. A successful exploit could allow the attacker to elevate privileges on the affected system from low to administrative.
To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of System User.
Note: This vulnerability exposes information only about users who logged in to the Cisco SSM On-Prem host using the web interface and who are currently logged in. SSH sessions are not affected.
Severity ?
7.3 (High)
CWE
- CWE-201 - Insertion of Sensitive Information Into Sent Data
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Smart Software Manager On-Prem |
Affected:
7-202001
Affected: 8-202004 Affected: 8-202006 Affected: 8-202012 Affected: 8-202010 Affected: 8-202008 Affected: 9-202201 Affected: 8-202102 Affected: 8-202105 Affected: 8-202108 Affected: 8-202112 Affected: 8-202201 Affected: 8-202206 Affected: 8-202212 Affected: 8-202302 Affected: 8-202303 Affected: 8-202304 Affected: 8-202308 Affected: 8-202401 Affected: 8-202404 Affected: 9-202406 Affected: 9-202407 Affected: 9-202410 Affected: 9-202412 Affected: 9-202501 Affected: 9-202502 Affected: 9-202504 Affected: 9-202507 Affected: 9-202510 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20151",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T03:56:09.678Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Smart Software Manager On-Prem",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7-202001"
},
{
"status": "affected",
"version": "8-202004"
},
{
"status": "affected",
"version": "8-202006"
},
{
"status": "affected",
"version": "8-202012"
},
{
"status": "affected",
"version": "8-202010"
},
{
"status": "affected",
"version": "8-202008"
},
{
"status": "affected",
"version": "9-202201"
},
{
"status": "affected",
"version": "8-202102"
},
{
"status": "affected",
"version": "8-202105"
},
{
"status": "affected",
"version": "8-202108"
},
{
"status": "affected",
"version": "8-202112"
},
{
"status": "affected",
"version": "8-202201"
},
{
"status": "affected",
"version": "8-202206"
},
{
"status": "affected",
"version": "8-202212"
},
{
"status": "affected",
"version": "8-202302"
},
{
"status": "affected",
"version": "8-202303"
},
{
"status": "affected",
"version": "8-202304"
},
{
"status": "affected",
"version": "8-202308"
},
{
"status": "affected",
"version": "8-202401"
},
{
"status": "affected",
"version": "8-202404"
},
{
"status": "affected",
"version": "9-202406"
},
{
"status": "affected",
"version": "9-202407"
},
{
"status": "affected",
"version": "9-202410"
},
{
"status": "affected",
"version": "9-202412"
},
{
"status": "affected",
"version": "9-202501"
},
{
"status": "affected",
"version": "9-202502"
},
{
"status": "affected",
"version": "9-202504"
},
{
"status": "affected",
"version": "9-202507"
},
{
"status": "affected",
"version": "9-202510"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges on an affected system.\r\n\r\nThis vulnerability is due to the improper transmission of sensitive user information. An attacker could exploit this vulnerability by sending a crafted message to an affected Cisco SSM On-Prem host and retrieving session credentials from subsequent status messages. A successful exploit could allow the attacker to elevate privileges on the affected system from low to administrative.\r\nTo exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of System User.\r\nNote: This vulnerability exposes information only about users who logged in to the Cisco SSM On-Prem host using the web interface and who are currently logged in. SSH sessions are not affected."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-201",
"description": "Insertion of Sensitive Information Into Sent Data",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T16:29:13.496Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cssm-priv-esc-xRAnOuO8",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-xRAnOuO8"
}
],
"source": {
"advisory": "cisco-sa-cssm-priv-esc-xRAnOuO8",
"defects": [
"CSCwr86065"
],
"discovery": "INTERNAL"
},
"title": "Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20151",
"datePublished": "2026-04-01T16:29:13.496Z",
"dateReserved": "2025-10-08T11:59:15.385Z",
"dateUpdated": "2026-04-02T03:56:09.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20160 (GCVE-0-2026-20160)
Vulnerability from cvelistv5 – Published: 2026-04-01 16:29 – Updated: 2026-04-02 03:56
VLAI?
EPSS
Title
Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability
Summary
A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected SSM On-Prem host.
This vulnerability is due to the unintentional exposure of an internal service. An attacker could exploit this vulnerability by sending a crafted request to the API of the exposed service. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.
Severity ?
9.8 (Critical)
CWE
- CWE-668 - Exposure of Resource to Wrong Sphere
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Smart Software Manager On-Prem |
Affected:
9-202502
Affected: 9-202504 Affected: 9-202507 Affected: 9-202510 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20160",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T03:56:10.746Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Smart Software Manager On-Prem",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9-202502"
},
{
"status": "affected",
"version": "9-202504"
},
{
"status": "affected",
"version": "9-202507"
},
{
"status": "affected",
"version": "9-202510"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected SSM On-Prem host.\r\n\r\nThis vulnerability is due to the unintentional exposure of an\u0026nbsp;internal service. An attacker could exploit this vulnerability by sending a crafted request to the API of the exposed service. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-668",
"description": "Exposure of Resource to Wrong Sphere",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T16:29:22.741Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ssm-cli-execution-cHUcWuNr",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssm-cli-execution-cHUcWuNr"
}
],
"source": {
"advisory": "cisco-sa-ssm-cli-execution-cHUcWuNr",
"defects": [
"CSCws84279"
],
"discovery": "INTERNAL"
},
"title": "Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20160",
"datePublished": "2026-04-01T16:29:22.741Z",
"dateReserved": "2025-10-08T11:59:15.388Z",
"dateUpdated": "2026-04-02T03:56:10.746Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20096 (GCVE-0-2026-20096)
Vulnerability from cvelistv5 – Published: 2026-04-01 16:29 – Updated: 2026-04-02 03:56
VLAI?
EPSS
Title
Cisco Integrated Management Controller Command Injection Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user.
This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as the root user. Cisco has assigned this vulnerability a Security Impact Rating (SIR) of High, rather than Medium as the score indicates, because additional security implications could occur once the attacker has become root.
Severity ?
6.5 (Medium)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Enterprise NFV Infrastructure Software |
Affected:
4.1.1
Affected: 3.9.1 Affected: 3.5.2 Affected: 3.12.2 Affected: 3.6.2 Affected: 3.9.2 Affected: 3.11.3 Affected: 3.11.1 Affected: 3.5.1 Affected: 3.3.1 Affected: 3.10.2 Affected: 3.12.1b Affected: 3.4.1 Affected: 3.12.1a Affected: 3.6.3 Affected: 3.8.1 Affected: 3.11.2 Affected: 3.12.1 Affected: 3.12.3 Affected: 3.10.1 Affected: 3.6.1 Affected: 3.10.3 Affected: 3.7.1 Affected: 4.1.2 Affected: 4.2.1 Affected: 4.2.2 Affected: 4.4.1 Affected: 4.4.2 Affected: 4.5.1 Affected: 4.4.3 Affected: 4.6.1 Affected: 4.7.1 Affected: 4.6.2-FC2 Affected: 4.6.2-FC3 Affected: 4.6.2 Affected: 4.8.1 Affected: 4.8.2 Affected: 4.9.1 Affected: 4.6.3 Affected: 4.9.2-FC5 Affected: 4.9.2 Affected: 4.10.1 Affected: 4.9.3 Affected: 4.11.1 Affected: 4.9.4 Affected: 4.12.1 Affected: 4.6.4 Affected: 4.12.2 Affected: 4.13.1 Affected: 4.9.4-ES8 Affected: 4.9.5 Affected: 4.12.3 Affected: 4.6.5-ES1 Affected: 4.9.4-ES9 Affected: 4.14.1 Affected: 4.6.3-FC4 Affected: 4.9.4-FC3 Affected: 4.12.4 Affected: 4.15.1 Affected: 4.9.6 Affected: 4.16.1 Affected: 4.15.2 Affected: 4.12.5 Affected: 4.15.3 Affected: 4.15.4 Affected: 4.18.1 Affected: 4.12.6 Affected: 4.18.2 Affected: 4.18.2a |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20096",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T03:56:17.375Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Enterprise NFV Infrastructure Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "3.5.2"
},
{
"status": "affected",
"version": "3.12.2"
},
{
"status": "affected",
"version": "3.6.2"
},
{
"status": "affected",
"version": "3.9.2"
},
{
"status": "affected",
"version": "3.11.3"
},
{
"status": "affected",
"version": "3.11.1"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.12.1b"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.12.1a"
},
{
"status": "affected",
"version": "3.6.3"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.11.2"
},
{
"status": "affected",
"version": "3.12.1"
},
{
"status": "affected",
"version": "3.12.3"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.6.1"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "4.1.2"
},
{
"status": "affected",
"version": "4.2.1"
},
{
"status": "affected",
"version": "4.2.2"
},
{
"status": "affected",
"version": "4.4.1"
},
{
"status": "affected",
"version": "4.4.2"
},
{
"status": "affected",
"version": "4.5.1"
},
{
"status": "affected",
"version": "4.4.3"
},
{
"status": "affected",
"version": "4.6.1"
},
{
"status": "affected",
"version": "4.7.1"
},
{
"status": "affected",
"version": "4.6.2-FC2"
},
{
"status": "affected",
"version": "4.6.2-FC3"
},
{
"status": "affected",
"version": "4.6.2"
},
{
"status": "affected",
"version": "4.8.1"
},
{
"status": "affected",
"version": "4.8.2"
},
{
"status": "affected",
"version": "4.9.1"
},
{
"status": "affected",
"version": "4.6.3"
},
{
"status": "affected",
"version": "4.9.2-FC5"
},
{
"status": "affected",
"version": "4.9.2"
},
{
"status": "affected",
"version": "4.10.1"
},
{
"status": "affected",
"version": "4.9.3"
},
{
"status": "affected",
"version": "4.11.1"
},
{
"status": "affected",
"version": "4.9.4"
},
{
"status": "affected",
"version": "4.12.1"
},
{
"status": "affected",
"version": "4.6.4"
},
{
"status": "affected",
"version": "4.12.2"
},
{
"status": "affected",
"version": "4.13.1"
},
{
"status": "affected",
"version": "4.9.4-ES8"
},
{
"status": "affected",
"version": "4.9.5"
},
{
"status": "affected",
"version": "4.12.3"
},
{
"status": "affected",
"version": "4.6.5-ES1"
},
{
"status": "affected",
"version": "4.9.4-ES9"
},
{
"status": "affected",
"version": "4.14.1"
},
{
"status": "affected",
"version": "4.6.3-FC4"
},
{
"status": "affected",
"version": "4.9.4-FC3"
},
{
"status": "affected",
"version": "4.12.4"
},
{
"status": "affected",
"version": "4.15.1"
},
{
"status": "affected",
"version": "4.9.6"
},
{
"status": "affected",
"version": "4.16.1"
},
{
"status": "affected",
"version": "4.15.2"
},
{
"status": "affected",
"version": "4.12.5"
},
{
"status": "affected",
"version": "4.15.3"
},
{
"status": "affected",
"version": "4.15.4"
},
{
"status": "affected",
"version": "4.18.1"
},
{
"status": "affected",
"version": "4.12.6"
},
{
"status": "affected",
"version": "4.18.2"
},
{
"status": "affected",
"version": "4.18.2a"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Computing System (Standalone)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0(2g)"
},
{
"status": "affected",
"version": "3.1(2i)"
},
{
"status": "affected",
"version": "3.1(1d)"
},
{
"status": "affected",
"version": "4.0(4i)"
},
{
"status": "affected",
"version": "4.1(1c)"
},
{
"status": "affected",
"version": "4.0(2c)"
},
{
"status": "affected",
"version": "4.0(1e)"
},
{
"status": "affected",
"version": "4.0(2h)"
},
{
"status": "affected",
"version": "4.0(4h)"
},
{
"status": "affected",
"version": "4.0(1h)"
},
{
"status": "affected",
"version": "4.0(2l)"
},
{
"status": "affected",
"version": "3.1(3g)"
},
{
"status": "affected",
"version": "4.0(1.240)"
},
{
"status": "affected",
"version": "4.0(2f)"
},
{
"status": "affected",
"version": "4.0(1g)"
},
{
"status": "affected",
"version": "4.0(2i)"
},
{
"status": "affected",
"version": "3.1(3i)"
},
{
"status": "affected",
"version": "4.0(4d)"
},
{
"status": "affected",
"version": "4.1(1d)"
},
{
"status": "affected",
"version": "3.1(3c)"
},
{
"status": "affected",
"version": "4.0(4k)"
},
{
"status": "affected",
"version": "3.1(2d)"
},
{
"status": "affected",
"version": "3.1(3a)"
},
{
"status": "affected",
"version": "3.1(3j)"
},
{
"status": "affected",
"version": "4.0(2d)"
},
{
"status": "affected",
"version": "4.1(1f)"
},
{
"status": "affected",
"version": "4.0(4j)"
},
{
"status": "affected",
"version": "4.0(2m)"
},
{
"status": "affected",
"version": "4.0(2k)"
},
{
"status": "affected",
"version": "4.0(1c)"
},
{
"status": "affected",
"version": "4.0(4f)"
},
{
"status": "affected",
"version": "4.0(4c)"
},
{
"status": "affected",
"version": "3.1(3d)"
},
{
"status": "affected",
"version": "3.1(2g)"
},
{
"status": "affected",
"version": "3.1(2c)"
},
{
"status": "affected",
"version": "4.0(1d)"
},
{
"status": "affected",
"version": "3.1(2e)"
},
{
"status": "affected",
"version": "4.0(1a)"
},
{
"status": "affected",
"version": "4.0(1b)"
},
{
"status": "affected",
"version": "3.1(3b)"
},
{
"status": "affected",
"version": "4.0(4b)"
},
{
"status": "affected",
"version": "3.1(2b)"
},
{
"status": "affected",
"version": "4.0(4e)"
},
{
"status": "affected",
"version": "3.1(3h)"
},
{
"status": "affected",
"version": "4.0(4l)"
},
{
"status": "affected",
"version": "4.1(1g)"
},
{
"status": "affected",
"version": "4.1(2a)"
},
{
"status": "affected",
"version": "4.0(2n)"
},
{
"status": "affected",
"version": "4.1(1h)"
},
{
"status": "affected",
"version": "3.1(3k)"
},
{
"status": "affected",
"version": "4.1(2b)"
},
{
"status": "affected",
"version": "4.0(2o)"
},
{
"status": "affected",
"version": "4.0(4m)"
},
{
"status": "affected",
"version": "4.1(2d)"
},
{
"status": "affected",
"version": "4.1(3b)"
},
{
"status": "affected",
"version": "4.0(2p)"
},
{
"status": "affected",
"version": "4.1(2e)"
},
{
"status": "affected",
"version": "4.1(2f)"
},
{
"status": "affected",
"version": "4.0(4n)"
},
{
"status": "affected",
"version": "4.0(2q)"
},
{
"status": "affected",
"version": "4.1(3c)"
},
{
"status": "affected",
"version": "4.0(2r)"
},
{
"status": "affected",
"version": "4.1(3d)"
},
{
"status": "affected",
"version": "4.1(2g)"
},
{
"status": "affected",
"version": "4.1(2h)"
},
{
"status": "affected",
"version": "4.1(3g)"
},
{
"status": "affected",
"version": "4.1(3f)"
},
{
"status": "affected",
"version": "4.1(2j)"
},
{
"status": "affected",
"version": "4.1(2k)"
},
{
"status": "affected",
"version": "4.1(3h)"
},
{
"status": "affected",
"version": "4.2(2a)"
},
{
"status": "affected",
"version": "4.1(3i)"
},
{
"status": "affected",
"version": "4.2(2f)"
},
{
"status": "affected",
"version": "4.2(2g)"
},
{
"status": "affected",
"version": "4.2(3b)"
},
{
"status": "affected",
"version": "4.1(3l)"
},
{
"status": "affected",
"version": "4.2(3d)"
},
{
"status": "affected",
"version": "4.3(1.230097)"
},
{
"status": "affected",
"version": "4.2(1e)"
},
{
"status": "affected",
"version": "4.2(1b)"
},
{
"status": "affected",
"version": "4.2(1j)"
},
{
"status": "affected",
"version": "4.2(1i)"
},
{
"status": "affected",
"version": "4.2(1f)"
},
{
"status": "affected",
"version": "4.2(1a)"
},
{
"status": "affected",
"version": "4.2(1c)"
},
{
"status": "affected",
"version": "4.2(1g)"
},
{
"status": "affected",
"version": "4.3(1.230124)"
},
{
"status": "affected",
"version": "4.1(2l)"
},
{
"status": "affected",
"version": "4.2(3e)"
},
{
"status": "affected",
"version": "4.3(1.230138)"
},
{
"status": "affected",
"version": "4.2(3g)"
},
{
"status": "affected",
"version": "4.3(2.230207)"
},
{
"status": "affected",
"version": "4.2(3h)"
},
{
"status": "affected",
"version": "4.2(3i)"
},
{
"status": "affected",
"version": "4.3(2.230270)"
},
{
"status": "affected",
"version": "4.1(3m)"
},
{
"status": "affected",
"version": "4.1(2m)"
},
{
"status": "affected",
"version": "4.3(2.240002)"
},
{
"status": "affected",
"version": "4.3(3.240022)"
},
{
"status": "affected",
"version": "4.2(3j)"
},
{
"status": "affected",
"version": "4.1(3n)"
},
{
"status": "affected",
"version": "4.3(2.240009)"
},
{
"status": "affected",
"version": "4.3(3.240041)"
},
{
"status": "affected",
"version": "4.2(3k)"
},
{
"status": "affected",
"version": "4.3(3.240043)"
},
{
"status": "affected",
"version": "4.3(4.240142)"
},
{
"status": "affected",
"version": "4.3(2.240037)"
},
{
"status": "affected",
"version": "4.3(2.240053)"
},
{
"status": "affected",
"version": "4.3(4.240152)"
},
{
"status": "affected",
"version": "4.2(3l)"
},
{
"status": "affected",
"version": "4.3(2.240077)"
},
{
"status": "affected",
"version": "4.3(4.242028)"
},
{
"status": "affected",
"version": "4.3(4.241063)"
},
{
"status": "affected",
"version": "4.3(4.242038)"
},
{
"status": "affected",
"version": "4.2(3m)"
},
{
"status": "affected",
"version": "4.3(2.240090)"
},
{
"status": "affected",
"version": "4.3(5.240021)"
},
{
"status": "affected",
"version": "4.3(2.240107)"
},
{
"status": "affected",
"version": "4.3(4.242066)"
},
{
"status": "affected",
"version": "4.2(3n)"
},
{
"status": "affected",
"version": "4.3(5.250001)"
},
{
"status": "affected",
"version": "4.2(3o)"
},
{
"status": "affected",
"version": "4.3(2.250016)"
},
{
"status": "affected",
"version": "4.3(2.250021)"
},
{
"status": "affected",
"version": "4.3(5.250030)"
},
{
"status": "affected",
"version": "4.3(2.250022)"
},
{
"status": "affected",
"version": "4.3(6.250039)"
},
{
"status": "affected",
"version": "4.3(6.250040)"
},
{
"status": "affected",
"version": "4.3(5.250033)"
},
{
"status": "affected",
"version": "4.3(6.250044)"
},
{
"status": "affected",
"version": "4.3(6.250053)"
},
{
"status": "affected",
"version": "4.3(2.250037)"
},
{
"status": "affected",
"version": "4.3(2.250045)"
},
{
"status": "affected",
"version": "4.3(4.252001)"
},
{
"status": "affected",
"version": "4.3(4.252002)"
},
{
"status": "affected",
"version": "6.0(1.250127)"
},
{
"status": "affected",
"version": "4.2(3p)"
},
{
"status": "affected",
"version": "6.0(1.250131)"
},
{
"status": "affected",
"version": "4.3(6.250101)"
},
{
"status": "affected",
"version": "6.0(1.250174)"
},
{
"status": "affected",
"version": "4.3(6.250117)"
},
{
"status": "affected",
"version": "4.3(5.250043)"
},
{
"status": "affected",
"version": "4.3(5.250045)"
},
{
"status": "affected",
"version": "4.3(6.250060)"
},
{
"status": "affected",
"version": "6.0(1.250130)"
},
{
"status": "affected",
"version": "4.3(4.241014)"
},
{
"status": "affected",
"version": "4.3(2.250063)"
},
{
"status": "affected",
"version": "6.0(1.250192)"
},
{
"status": "affected",
"version": "4.3(6.260003)"
},
{
"status": "affected",
"version": "6.0(1.250194)"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Computing System E-Series Software (UCSE)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.2.7"
},
{
"status": "affected",
"version": "3.2.6"
},
{
"status": "affected",
"version": "3.2.4"
},
{
"status": "affected",
"version": "3.2.10"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.2.3"
},
{
"status": "affected",
"version": "2.4.0"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.2.11.1"
},
{
"status": "affected",
"version": "3.2.8"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "2.3.2"
},
{
"status": "affected",
"version": "2.3.5"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "2.4.1"
},
{
"status": "affected",
"version": "2.3.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "2.3.3"
},
{
"status": "affected",
"version": "2.4.2"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "3.2.11.3"
},
{
"status": "affected",
"version": "3.2.11.5"
},
{
"status": "affected",
"version": "3.2.12.2"
},
{
"status": "affected",
"version": "3.2.13.6"
},
{
"status": "affected",
"version": "3.2.14"
},
{
"status": "affected",
"version": "4.11.1"
},
{
"status": "affected",
"version": "3.2.15"
},
{
"status": "affected",
"version": "4.12.1"
},
{
"status": "affected",
"version": "3.2.15.3"
},
{
"status": "affected",
"version": "4.12.2"
},
{
"status": "affected",
"version": "3.2.16.1"
},
{
"status": "affected",
"version": "4.00"
},
{
"status": "affected",
"version": "4.15.2"
},
{
"status": "affected",
"version": "4.02"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to perform command injection attacks on an affected system and\u0026nbsp;execute arbitrary commands as the root user.\r\n\r\nThis vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as the root user. Cisco has assigned this vulnerability a Security Impact Rating (SIR) of High, rather than Medium as the score indicates, because additional security implications could occur once the attacker has become root."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T16:29:03.545Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cimc-cmd-inj-3hKN3bVt",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-3hKN3bVt"
}
],
"source": {
"advisory": "cisco-sa-cimc-cmd-inj-3hKN3bVt",
"defects": [
"CSCwr60894"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Integrated Management Controller Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20096",
"datePublished": "2026-04-01T16:29:03.545Z",
"dateReserved": "2025-10-08T11:59:15.369Z",
"dateUpdated": "2026-04-02T03:56:17.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20093 (GCVE-0-2026-20093)
Vulnerability from cvelistv5 – Published: 2026-04-01 16:28 – Updated: 2026-04-02 03:56
VLAI?
EPSS
Title
Cisco Integrated Management Controller Authentication Bypass Vulnerability
Summary
A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin.
This vulnerability is due to incorrect handling of password change requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to bypass authentication, alter the passwords of any user on the system, including an Admin user, and gain access to the system as that user.
Severity ?
9.8 (Critical)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Enterprise NFV Infrastructure Software |
Affected:
4.1.1
Affected: 3.9.1 Affected: 3.5.2 Affected: 3.12.2 Affected: 3.6.2 Affected: 3.9.2 Affected: 3.11.3 Affected: 3.11.1 Affected: 3.5.1 Affected: 3.3.1 Affected: 3.10.2 Affected: 3.12.1b Affected: 3.4.1 Affected: 3.12.1a Affected: 3.6.3 Affected: 3.8.1 Affected: 3.11.2 Affected: 3.12.1 Affected: 3.12.3 Affected: 3.10.1 Affected: 3.6.1 Affected: 3.10.3 Affected: 3.7.1 Affected: 4.1.2 Affected: 4.2.1 Affected: 4.2.2 Affected: 4.4.1 Affected: 4.4.2 Affected: 4.5.1 Affected: 4.4.3 Affected: 4.6.1 Affected: 4.7.1 Affected: 4.6.2-FC2 Affected: 4.6.2-FC3 Affected: 4.6.2 Affected: 4.8.1 Affected: 4.8.2 Affected: 4.9.1 Affected: 4.6.3 Affected: 4.9.2-FC5 Affected: 4.9.2 Affected: 4.10.1 Affected: 4.9.3 Affected: 4.11.1 Affected: 4.9.4 Affected: 4.12.1 Affected: 4.6.4 Affected: 4.12.2 Affected: 4.13.1 Affected: 4.9.4-ES8 Affected: 4.9.5 Affected: 4.12.3 Affected: 4.6.5-ES1 Affected: 4.9.4-ES9 Affected: 4.14.1 Affected: 4.6.3-FC4 Affected: 4.9.4-FC3 Affected: 4.12.4 Affected: 4.15.1 Affected: 4.9.6 Affected: 4.16.1 Affected: 4.15.2 Affected: 4.12.5 Affected: 4.15.3 Affected: 4.15.4 Affected: 4.18.1 Affected: 4.12.6 Affected: 4.18.2 Affected: 4.18.2a |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20093",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T03:56:12.925Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Enterprise NFV Infrastructure Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "3.5.2"
},
{
"status": "affected",
"version": "3.12.2"
},
{
"status": "affected",
"version": "3.6.2"
},
{
"status": "affected",
"version": "3.9.2"
},
{
"status": "affected",
"version": "3.11.3"
},
{
"status": "affected",
"version": "3.11.1"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.12.1b"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.12.1a"
},
{
"status": "affected",
"version": "3.6.3"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.11.2"
},
{
"status": "affected",
"version": "3.12.1"
},
{
"status": "affected",
"version": "3.12.3"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.6.1"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "4.1.2"
},
{
"status": "affected",
"version": "4.2.1"
},
{
"status": "affected",
"version": "4.2.2"
},
{
"status": "affected",
"version": "4.4.1"
},
{
"status": "affected",
"version": "4.4.2"
},
{
"status": "affected",
"version": "4.5.1"
},
{
"status": "affected",
"version": "4.4.3"
},
{
"status": "affected",
"version": "4.6.1"
},
{
"status": "affected",
"version": "4.7.1"
},
{
"status": "affected",
"version": "4.6.2-FC2"
},
{
"status": "affected",
"version": "4.6.2-FC3"
},
{
"status": "affected",
"version": "4.6.2"
},
{
"status": "affected",
"version": "4.8.1"
},
{
"status": "affected",
"version": "4.8.2"
},
{
"status": "affected",
"version": "4.9.1"
},
{
"status": "affected",
"version": "4.6.3"
},
{
"status": "affected",
"version": "4.9.2-FC5"
},
{
"status": "affected",
"version": "4.9.2"
},
{
"status": "affected",
"version": "4.10.1"
},
{
"status": "affected",
"version": "4.9.3"
},
{
"status": "affected",
"version": "4.11.1"
},
{
"status": "affected",
"version": "4.9.4"
},
{
"status": "affected",
"version": "4.12.1"
},
{
"status": "affected",
"version": "4.6.4"
},
{
"status": "affected",
"version": "4.12.2"
},
{
"status": "affected",
"version": "4.13.1"
},
{
"status": "affected",
"version": "4.9.4-ES8"
},
{
"status": "affected",
"version": "4.9.5"
},
{
"status": "affected",
"version": "4.12.3"
},
{
"status": "affected",
"version": "4.6.5-ES1"
},
{
"status": "affected",
"version": "4.9.4-ES9"
},
{
"status": "affected",
"version": "4.14.1"
},
{
"status": "affected",
"version": "4.6.3-FC4"
},
{
"status": "affected",
"version": "4.9.4-FC3"
},
{
"status": "affected",
"version": "4.12.4"
},
{
"status": "affected",
"version": "4.15.1"
},
{
"status": "affected",
"version": "4.9.6"
},
{
"status": "affected",
"version": "4.16.1"
},
{
"status": "affected",
"version": "4.15.2"
},
{
"status": "affected",
"version": "4.12.5"
},
{
"status": "affected",
"version": "4.15.3"
},
{
"status": "affected",
"version": "4.15.4"
},
{
"status": "affected",
"version": "4.18.1"
},
{
"status": "affected",
"version": "4.12.6"
},
{
"status": "affected",
"version": "4.18.2"
},
{
"status": "affected",
"version": "4.18.2a"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Computing System (Standalone)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0(2g)"
},
{
"status": "affected",
"version": "3.1(2i)"
},
{
"status": "affected",
"version": "3.1(1d)"
},
{
"status": "affected",
"version": "4.0(4i)"
},
{
"status": "affected",
"version": "4.1(1c)"
},
{
"status": "affected",
"version": "4.0(2c)"
},
{
"status": "affected",
"version": "4.0(1e)"
},
{
"status": "affected",
"version": "4.0(2h)"
},
{
"status": "affected",
"version": "4.0(4h)"
},
{
"status": "affected",
"version": "4.0(1h)"
},
{
"status": "affected",
"version": "4.0(2l)"
},
{
"status": "affected",
"version": "3.1(3g)"
},
{
"status": "affected",
"version": "4.0(1.240)"
},
{
"status": "affected",
"version": "4.0(2f)"
},
{
"status": "affected",
"version": "4.0(1g)"
},
{
"status": "affected",
"version": "4.0(2i)"
},
{
"status": "affected",
"version": "3.1(3i)"
},
{
"status": "affected",
"version": "4.0(4d)"
},
{
"status": "affected",
"version": "4.1(1d)"
},
{
"status": "affected",
"version": "3.1(3c)"
},
{
"status": "affected",
"version": "4.0(4k)"
},
{
"status": "affected",
"version": "3.1(2d)"
},
{
"status": "affected",
"version": "3.1(3a)"
},
{
"status": "affected",
"version": "3.1(3j)"
},
{
"status": "affected",
"version": "4.0(2d)"
},
{
"status": "affected",
"version": "4.1(1f)"
},
{
"status": "affected",
"version": "4.0(1c)"
},
{
"status": "affected",
"version": "4.0(4f)"
},
{
"status": "affected",
"version": "4.0(4c)"
},
{
"status": "affected",
"version": "3.1(3d)"
},
{
"status": "affected",
"version": "3.1(2g)"
},
{
"status": "affected",
"version": "3.1(2c)"
},
{
"status": "affected",
"version": "4.0(1d)"
},
{
"status": "affected",
"version": "3.1(2e)"
},
{
"status": "affected",
"version": "4.0(1a)"
},
{
"status": "affected",
"version": "4.0(1b)"
},
{
"status": "affected",
"version": "3.1(3b)"
},
{
"status": "affected",
"version": "4.0(4b)"
},
{
"status": "affected",
"version": "3.1(2b)"
},
{
"status": "affected",
"version": "4.0(4e)"
},
{
"status": "affected",
"version": "3.1(3h)"
},
{
"status": "affected",
"version": "4.0(4l)"
},
{
"status": "affected",
"version": "4.1(1g)"
},
{
"status": "affected",
"version": "4.1(2a)"
},
{
"status": "affected",
"version": "4.0(2n)"
},
{
"status": "affected",
"version": "4.1(1h)"
},
{
"status": "affected",
"version": "3.1(3k)"
},
{
"status": "affected",
"version": "4.1(2b)"
},
{
"status": "affected",
"version": "4.0(2o)"
},
{
"status": "affected",
"version": "4.0(4m)"
},
{
"status": "affected",
"version": "4.1(2d)"
},
{
"status": "affected",
"version": "4.1(3b)"
},
{
"status": "affected",
"version": "4.0(2p)"
},
{
"status": "affected",
"version": "4.1(2e)"
},
{
"status": "affected",
"version": "4.1(2f)"
},
{
"status": "affected",
"version": "4.0(4n)"
},
{
"status": "affected",
"version": "4.0(2q)"
},
{
"status": "affected",
"version": "4.1(3c)"
},
{
"status": "affected",
"version": "4.0(2r)"
},
{
"status": "affected",
"version": "4.1(3d)"
},
{
"status": "affected",
"version": "4.1(2g)"
},
{
"status": "affected",
"version": "4.1(2h)"
},
{
"status": "affected",
"version": "4.1(3f)"
},
{
"status": "affected",
"version": "4.1(2j)"
},
{
"status": "affected",
"version": "4.1(2k)"
},
{
"status": "affected",
"version": "4.1(3h)"
},
{
"status": "affected",
"version": "4.2(2a)"
},
{
"status": "affected",
"version": "4.1(3i)"
},
{
"status": "affected",
"version": "4.2(2f)"
},
{
"status": "affected",
"version": "4.2(2g)"
},
{
"status": "affected",
"version": "4.2(3b)"
},
{
"status": "affected",
"version": "4.1(3l)"
},
{
"status": "affected",
"version": "4.2(3d)"
},
{
"status": "affected",
"version": "4.3(1.230097)"
},
{
"status": "affected",
"version": "4.2(1e)"
},
{
"status": "affected",
"version": "4.2(1b)"
},
{
"status": "affected",
"version": "4.2(1j)"
},
{
"status": "affected",
"version": "4.2(1i)"
},
{
"status": "affected",
"version": "4.2(1f)"
},
{
"status": "affected",
"version": "4.2(1a)"
},
{
"status": "affected",
"version": "4.2(1c)"
},
{
"status": "affected",
"version": "4.2(1g)"
},
{
"status": "affected",
"version": "4.3(1.230124)"
},
{
"status": "affected",
"version": "4.1(2l)"
},
{
"status": "affected",
"version": "4.2(3e)"
},
{
"status": "affected",
"version": "4.3(1.230138)"
},
{
"status": "affected",
"version": "4.2(3g)"
},
{
"status": "affected",
"version": "4.3(2.230207)"
},
{
"status": "affected",
"version": "4.2(3h)"
},
{
"status": "affected",
"version": "4.2(3i)"
},
{
"status": "affected",
"version": "4.3(2.230270)"
},
{
"status": "affected",
"version": "4.1(3m)"
},
{
"status": "affected",
"version": "4.1(2m)"
},
{
"status": "affected",
"version": "4.3(2.240002)"
},
{
"status": "affected",
"version": "4.3(3.240022)"
},
{
"status": "affected",
"version": "4.2(3j)"
},
{
"status": "affected",
"version": "4.1(3n)"
},
{
"status": "affected",
"version": "4.3(2.240009)"
},
{
"status": "affected",
"version": "4.3(3.240043)"
},
{
"status": "affected",
"version": "4.3(4.240142)"
},
{
"status": "affected",
"version": "4.3(2.240037)"
},
{
"status": "affected",
"version": "4.3(2.240053)"
},
{
"status": "affected",
"version": "4.3(4.240152)"
},
{
"status": "affected",
"version": "4.2(3l)"
},
{
"status": "affected",
"version": "4.3(2.240077)"
},
{
"status": "affected",
"version": "4.3(4.242028)"
},
{
"status": "affected",
"version": "4.3(4.241063)"
},
{
"status": "affected",
"version": "4.3(4.242038)"
},
{
"status": "affected",
"version": "4.2(3m)"
},
{
"status": "affected",
"version": "4.3(2.240090)"
},
{
"status": "affected",
"version": "4.3(5.240021)"
},
{
"status": "affected",
"version": "4.3(2.240107)"
},
{
"status": "affected",
"version": "4.3(4.242066)"
},
{
"status": "affected",
"version": "4.2(3n)"
},
{
"status": "affected",
"version": "4.3(5.250001)"
},
{
"status": "affected",
"version": "4.2(3o)"
},
{
"status": "affected",
"version": "4.3(2.250016)"
},
{
"status": "affected",
"version": "4.3(2.250021)"
},
{
"status": "affected",
"version": "4.3(5.250030)"
},
{
"status": "affected",
"version": "4.3(2.250022)"
},
{
"status": "affected",
"version": "4.3(6.250040)"
},
{
"status": "affected",
"version": "4.3(5.250033)"
},
{
"status": "affected",
"version": "4.3(6.250044)"
},
{
"status": "affected",
"version": "4.3(6.250053)"
},
{
"status": "affected",
"version": "4.3(2.250037)"
},
{
"status": "affected",
"version": "4.3(2.250045)"
},
{
"status": "affected",
"version": "4.3(4.252001)"
},
{
"status": "affected",
"version": "4.3(4.252002)"
},
{
"status": "affected",
"version": "6.0(1.250127)"
},
{
"status": "affected",
"version": "4.2(3p)"
},
{
"status": "affected",
"version": "6.0(1.250131)"
},
{
"status": "affected",
"version": "4.3(6.250101)"
},
{
"status": "affected",
"version": "4.3(6.250117)"
},
{
"status": "affected",
"version": "4.3(5.250043)"
},
{
"status": "affected",
"version": "4.3(6.250039)"
},
{
"status": "affected",
"version": "4.3(5.250045)"
},
{
"status": "affected",
"version": "4.3(6.250060)"
},
{
"status": "affected",
"version": "6.0(1.250130)"
},
{
"status": "affected",
"version": "4.3(4.241014)"
},
{
"status": "affected",
"version": "4.3(2.250063)"
},
{
"status": "affected",
"version": "4.3(6.260003)"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Computing System E-Series Software (UCSE)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.2.7"
},
{
"status": "affected",
"version": "3.2.6"
},
{
"status": "affected",
"version": "3.2.4"
},
{
"status": "affected",
"version": "3.2.10"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.2.3"
},
{
"status": "affected",
"version": "2.4.0"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.2.11.1"
},
{
"status": "affected",
"version": "3.2.8"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "2.3.2"
},
{
"status": "affected",
"version": "2.3.5"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "2.4.1"
},
{
"status": "affected",
"version": "2.3.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "2.3.3"
},
{
"status": "affected",
"version": "2.4.2"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "3.2.11.3"
},
{
"status": "affected",
"version": "3.2.11.5"
},
{
"status": "affected",
"version": "3.2.12.2"
},
{
"status": "affected",
"version": "3.2.13.6"
},
{
"status": "affected",
"version": "3.2.14"
},
{
"status": "affected",
"version": "4.11.1"
},
{
"status": "affected",
"version": "3.2.15"
},
{
"status": "affected",
"version": "4.12.1"
},
{
"status": "affected",
"version": "3.2.15.3"
},
{
"status": "affected",
"version": "4.12.2"
},
{
"status": "affected",
"version": "3.2.16.1"
},
{
"status": "affected",
"version": "4.00"
},
{
"status": "affected",
"version": "4.15.2"
},
{
"status": "affected",
"version": "4.02"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as\u0026nbsp;Admin.\r\n\r\nThis vulnerability is due to incorrect handling of password change requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to bypass authentication, alter the passwords of any user on the system, including an\u0026nbsp;Admin user, and gain access to the system as that user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T16:28:38.714Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cimc-auth-bypass-AgG2BxTn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-bypass-AgG2BxTn"
}
],
"source": {
"advisory": "cisco-sa-cimc-auth-bypass-AgG2BxTn",
"defects": [
"CSCwq55659"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Integrated Management Controller Authentication Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20093",
"datePublished": "2026-04-01T16:28:38.714Z",
"dateReserved": "2025-10-08T11:59:15.368Z",
"dateUpdated": "2026-04-02T03:56:12.925Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20155 (GCVE-0-2026-20155)
Vulnerability from cvelistv5 – Published: 2026-04-01 16:29 – Updated: 2026-04-01 18:19
VLAI?
EPSS
Title
Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker with low privileges to access sensitive information that they are not authorized to access.
This vulnerability is due to improper authorization checks on a REST API endpoint of an affected device. An attacker could exploit this vulnerability by querying the affected endpoint. A successful exploit could allow the attacker to view session information of active Cisco EPNM users, including users with administrative privileges, which could result in the affected device being compromised.
Severity ?
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
7.1.1
Affected: 7.1.2.1 Affected: 7.1.3 Affected: 7.1.2 Affected: 7.1.0 Affected: 8.0.0 Affected: 8.0.0.1 Affected: 7.1.3.1 Affected: 7.1.4 Affected: 8.1.0 Affected: 8.1.1 Affected: 8.0.1 Affected: 7.1.4.1 Affected: 8.0.1.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20155",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T18:19:08.632246Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T18:19:17.434Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.2.1"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "7.1.3.1"
},
{
"status": "affected",
"version": "7.1.4"
},
{
"status": "affected",
"version": "8.1.0"
},
{
"status": "affected",
"version": "8.1.1"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "7.1.4.1"
},
{
"status": "affected",
"version": "8.0.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker with low privileges to access sensitive information that they are not authorized to access.\r\n\r\nThis vulnerability is due to improper authorization checks on a REST API endpoint of an affected device.\u0026nbsp;An attacker could exploit this vulnerability by querying the affected endpoint. A successful exploit could allow the attacker to view session information of active Cisco EPNM users, including users with administrative privileges, which could result in the affected device being compromised."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T16:29:12.891Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-epnm-improp-auth-mUwFWUU3",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-improp-auth-mUwFWUU3"
}
],
"source": {
"advisory": "cisco-sa-epnm-improp-auth-mUwFWUU3",
"defects": [
"CSCwp27059"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20155",
"datePublished": "2026-04-01T16:29:12.891Z",
"dateReserved": "2025-10-08T11:59:15.386Z",
"dateUpdated": "2026-04-01T18:19:17.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20095 (GCVE-0-2026-20095)
Vulnerability from cvelistv5 – Published: 2026-04-01 16:28 – Updated: 2026-04-02 03:56
VLAI?
EPSS
Title
Cisco Integrated Management Controller Command Injection Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user.
This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as the root user. Cisco has assigned this vulnerability a Security Impact Rating (SIR) of High, rather than Medium as the score indicates, because additional security implications could occur once the attacker has become root.
Severity ?
6.5 (Medium)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Enterprise NFV Infrastructure Software |
Affected:
4.1.1
Affected: 3.9.1 Affected: 3.5.2 Affected: 3.12.2 Affected: 3.6.2 Affected: 3.9.2 Affected: 3.11.3 Affected: 3.11.1 Affected: 3.5.1 Affected: 3.3.1 Affected: 3.10.2 Affected: 3.12.1b Affected: 3.4.1 Affected: 3.12.1a Affected: 3.6.3 Affected: 3.8.1 Affected: 3.11.2 Affected: 3.12.1 Affected: 3.12.3 Affected: 3.10.1 Affected: 3.6.1 Affected: 3.10.3 Affected: 3.7.1 Affected: 4.1.2 Affected: 4.2.1 Affected: 4.2.2 Affected: 4.4.1 Affected: 4.4.2 Affected: 4.5.1 Affected: 4.4.3 Affected: 4.6.1 Affected: 4.7.1 Affected: 4.6.2-FC2 Affected: 4.6.2-FC3 Affected: 4.6.2 Affected: 4.8.1 Affected: 4.8.2 Affected: 4.9.1 Affected: 4.6.3 Affected: 4.9.2-FC5 Affected: 4.9.2 Affected: 4.10.1 Affected: 4.9.3 Affected: 4.11.1 Affected: 4.9.4 Affected: 4.12.1 Affected: 4.6.4 Affected: 4.12.2 Affected: 4.13.1 Affected: 4.9.4-ES8 Affected: 4.9.5 Affected: 4.12.3 Affected: 4.6.5-ES1 Affected: 4.9.4-ES9 Affected: 4.14.1 Affected: 4.6.3-FC4 Affected: 4.9.4-FC3 Affected: 4.12.4 Affected: 4.15.1 Affected: 4.9.6 Affected: 4.16.1 Affected: 4.15.2 Affected: 4.12.5 Affected: 4.15.3 Affected: 4.15.4 Affected: 4.18.1 Affected: 4.12.6 Affected: 4.18.2 Affected: 4.18.2a |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20095",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T03:56:14.022Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Enterprise NFV Infrastructure Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "3.5.2"
},
{
"status": "affected",
"version": "3.12.2"
},
{
"status": "affected",
"version": "3.6.2"
},
{
"status": "affected",
"version": "3.9.2"
},
{
"status": "affected",
"version": "3.11.3"
},
{
"status": "affected",
"version": "3.11.1"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.12.1b"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.12.1a"
},
{
"status": "affected",
"version": "3.6.3"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.11.2"
},
{
"status": "affected",
"version": "3.12.1"
},
{
"status": "affected",
"version": "3.12.3"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.6.1"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "4.1.2"
},
{
"status": "affected",
"version": "4.2.1"
},
{
"status": "affected",
"version": "4.2.2"
},
{
"status": "affected",
"version": "4.4.1"
},
{
"status": "affected",
"version": "4.4.2"
},
{
"status": "affected",
"version": "4.5.1"
},
{
"status": "affected",
"version": "4.4.3"
},
{
"status": "affected",
"version": "4.6.1"
},
{
"status": "affected",
"version": "4.7.1"
},
{
"status": "affected",
"version": "4.6.2-FC2"
},
{
"status": "affected",
"version": "4.6.2-FC3"
},
{
"status": "affected",
"version": "4.6.2"
},
{
"status": "affected",
"version": "4.8.1"
},
{
"status": "affected",
"version": "4.8.2"
},
{
"status": "affected",
"version": "4.9.1"
},
{
"status": "affected",
"version": "4.6.3"
},
{
"status": "affected",
"version": "4.9.2-FC5"
},
{
"status": "affected",
"version": "4.9.2"
},
{
"status": "affected",
"version": "4.10.1"
},
{
"status": "affected",
"version": "4.9.3"
},
{
"status": "affected",
"version": "4.11.1"
},
{
"status": "affected",
"version": "4.9.4"
},
{
"status": "affected",
"version": "4.12.1"
},
{
"status": "affected",
"version": "4.6.4"
},
{
"status": "affected",
"version": "4.12.2"
},
{
"status": "affected",
"version": "4.13.1"
},
{
"status": "affected",
"version": "4.9.4-ES8"
},
{
"status": "affected",
"version": "4.9.5"
},
{
"status": "affected",
"version": "4.12.3"
},
{
"status": "affected",
"version": "4.6.5-ES1"
},
{
"status": "affected",
"version": "4.9.4-ES9"
},
{
"status": "affected",
"version": "4.14.1"
},
{
"status": "affected",
"version": "4.6.3-FC4"
},
{
"status": "affected",
"version": "4.9.4-FC3"
},
{
"status": "affected",
"version": "4.12.4"
},
{
"status": "affected",
"version": "4.15.1"
},
{
"status": "affected",
"version": "4.9.6"
},
{
"status": "affected",
"version": "4.16.1"
},
{
"status": "affected",
"version": "4.15.2"
},
{
"status": "affected",
"version": "4.12.5"
},
{
"status": "affected",
"version": "4.15.3"
},
{
"status": "affected",
"version": "4.15.4"
},
{
"status": "affected",
"version": "4.18.1"
},
{
"status": "affected",
"version": "4.12.6"
},
{
"status": "affected",
"version": "4.18.2"
},
{
"status": "affected",
"version": "4.18.2a"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Computing System (Standalone)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0(2g)"
},
{
"status": "affected",
"version": "3.1(2i)"
},
{
"status": "affected",
"version": "3.1(1d)"
},
{
"status": "affected",
"version": "4.0(4i)"
},
{
"status": "affected",
"version": "4.1(1c)"
},
{
"status": "affected",
"version": "4.0(2c)"
},
{
"status": "affected",
"version": "4.0(1e)"
},
{
"status": "affected",
"version": "4.0(2h)"
},
{
"status": "affected",
"version": "4.0(4h)"
},
{
"status": "affected",
"version": "4.0(1h)"
},
{
"status": "affected",
"version": "4.0(2l)"
},
{
"status": "affected",
"version": "3.1(3g)"
},
{
"status": "affected",
"version": "4.0(1.240)"
},
{
"status": "affected",
"version": "4.0(2f)"
},
{
"status": "affected",
"version": "4.0(1g)"
},
{
"status": "affected",
"version": "4.0(2i)"
},
{
"status": "affected",
"version": "3.1(3i)"
},
{
"status": "affected",
"version": "4.0(4d)"
},
{
"status": "affected",
"version": "4.1(1d)"
},
{
"status": "affected",
"version": "3.1(3c)"
},
{
"status": "affected",
"version": "4.0(4k)"
},
{
"status": "affected",
"version": "3.1(2d)"
},
{
"status": "affected",
"version": "3.1(3a)"
},
{
"status": "affected",
"version": "3.1(3j)"
},
{
"status": "affected",
"version": "4.0(2d)"
},
{
"status": "affected",
"version": "4.1(1f)"
},
{
"status": "affected",
"version": "4.0(4j)"
},
{
"status": "affected",
"version": "4.0(2m)"
},
{
"status": "affected",
"version": "4.0(2k)"
},
{
"status": "affected",
"version": "4.0(1c)"
},
{
"status": "affected",
"version": "4.0(4f)"
},
{
"status": "affected",
"version": "4.0(4c)"
},
{
"status": "affected",
"version": "3.1(3d)"
},
{
"status": "affected",
"version": "3.1(2g)"
},
{
"status": "affected",
"version": "3.1(2c)"
},
{
"status": "affected",
"version": "4.0(1d)"
},
{
"status": "affected",
"version": "3.1(2e)"
},
{
"status": "affected",
"version": "4.0(1a)"
},
{
"status": "affected",
"version": "4.0(1b)"
},
{
"status": "affected",
"version": "3.1(3b)"
},
{
"status": "affected",
"version": "4.0(4b)"
},
{
"status": "affected",
"version": "3.1(2b)"
},
{
"status": "affected",
"version": "4.0(4e)"
},
{
"status": "affected",
"version": "3.1(3h)"
},
{
"status": "affected",
"version": "4.0(4l)"
},
{
"status": "affected",
"version": "4.1(1g)"
},
{
"status": "affected",
"version": "4.1(2a)"
},
{
"status": "affected",
"version": "4.0(2n)"
},
{
"status": "affected",
"version": "4.1(1h)"
},
{
"status": "affected",
"version": "3.1(3k)"
},
{
"status": "affected",
"version": "4.1(2b)"
},
{
"status": "affected",
"version": "4.0(2o)"
},
{
"status": "affected",
"version": "4.0(4m)"
},
{
"status": "affected",
"version": "4.1(2d)"
},
{
"status": "affected",
"version": "4.1(3b)"
},
{
"status": "affected",
"version": "4.0(2p)"
},
{
"status": "affected",
"version": "4.1(2e)"
},
{
"status": "affected",
"version": "4.1(2f)"
},
{
"status": "affected",
"version": "4.0(4n)"
},
{
"status": "affected",
"version": "4.0(2q)"
},
{
"status": "affected",
"version": "4.1(3c)"
},
{
"status": "affected",
"version": "4.0(2r)"
},
{
"status": "affected",
"version": "4.1(3d)"
},
{
"status": "affected",
"version": "4.1(2g)"
},
{
"status": "affected",
"version": "4.1(2h)"
},
{
"status": "affected",
"version": "4.1(3g)"
},
{
"status": "affected",
"version": "4.1(3f)"
},
{
"status": "affected",
"version": "4.1(2j)"
},
{
"status": "affected",
"version": "4.1(2k)"
},
{
"status": "affected",
"version": "4.1(3h)"
},
{
"status": "affected",
"version": "4.2(2a)"
},
{
"status": "affected",
"version": "4.1(3i)"
},
{
"status": "affected",
"version": "4.2(2f)"
},
{
"status": "affected",
"version": "4.2(2g)"
},
{
"status": "affected",
"version": "4.2(3b)"
},
{
"status": "affected",
"version": "4.1(3l)"
},
{
"status": "affected",
"version": "4.2(3d)"
},
{
"status": "affected",
"version": "4.3(1.230097)"
},
{
"status": "affected",
"version": "4.2(1e)"
},
{
"status": "affected",
"version": "4.2(1b)"
},
{
"status": "affected",
"version": "4.2(1j)"
},
{
"status": "affected",
"version": "4.2(1i)"
},
{
"status": "affected",
"version": "4.2(1f)"
},
{
"status": "affected",
"version": "4.2(1a)"
},
{
"status": "affected",
"version": "4.2(1c)"
},
{
"status": "affected",
"version": "4.2(1g)"
},
{
"status": "affected",
"version": "4.3(1.230124)"
},
{
"status": "affected",
"version": "4.1(2l)"
},
{
"status": "affected",
"version": "4.2(3e)"
},
{
"status": "affected",
"version": "4.3(1.230138)"
},
{
"status": "affected",
"version": "4.2(3g)"
},
{
"status": "affected",
"version": "4.3(2.230207)"
},
{
"status": "affected",
"version": "4.2(3h)"
},
{
"status": "affected",
"version": "4.2(3i)"
},
{
"status": "affected",
"version": "4.3(2.230270)"
},
{
"status": "affected",
"version": "4.1(3m)"
},
{
"status": "affected",
"version": "4.1(2m)"
},
{
"status": "affected",
"version": "4.3(2.240002)"
},
{
"status": "affected",
"version": "4.3(3.240022)"
},
{
"status": "affected",
"version": "4.2(3j)"
},
{
"status": "affected",
"version": "4.1(3n)"
},
{
"status": "affected",
"version": "4.3(2.240009)"
},
{
"status": "affected",
"version": "4.3(3.240041)"
},
{
"status": "affected",
"version": "4.2(3k)"
},
{
"status": "affected",
"version": "4.3(3.240043)"
},
{
"status": "affected",
"version": "4.3(4.240142)"
},
{
"status": "affected",
"version": "4.3(2.240037)"
},
{
"status": "affected",
"version": "4.3(2.240053)"
},
{
"status": "affected",
"version": "4.3(4.240152)"
},
{
"status": "affected",
"version": "4.2(3l)"
},
{
"status": "affected",
"version": "4.3(2.240077)"
},
{
"status": "affected",
"version": "4.3(4.242028)"
},
{
"status": "affected",
"version": "4.3(4.241063)"
},
{
"status": "affected",
"version": "4.3(4.242038)"
},
{
"status": "affected",
"version": "4.2(3m)"
},
{
"status": "affected",
"version": "4.3(2.240090)"
},
{
"status": "affected",
"version": "4.3(5.240021)"
},
{
"status": "affected",
"version": "4.3(2.240107)"
},
{
"status": "affected",
"version": "4.3(4.242066)"
},
{
"status": "affected",
"version": "4.2(3n)"
},
{
"status": "affected",
"version": "4.3(5.250001)"
},
{
"status": "affected",
"version": "4.2(3o)"
},
{
"status": "affected",
"version": "4.3(2.250016)"
},
{
"status": "affected",
"version": "4.3(2.250021)"
},
{
"status": "affected",
"version": "4.3(5.250030)"
},
{
"status": "affected",
"version": "4.3(2.250022)"
},
{
"status": "affected",
"version": "4.3(6.250039)"
},
{
"status": "affected",
"version": "4.3(6.250040)"
},
{
"status": "affected",
"version": "4.3(5.250033)"
},
{
"status": "affected",
"version": "4.3(6.250044)"
},
{
"status": "affected",
"version": "4.3(6.250053)"
},
{
"status": "affected",
"version": "4.3(2.250037)"
},
{
"status": "affected",
"version": "4.3(2.250045)"
},
{
"status": "affected",
"version": "4.3(4.252001)"
},
{
"status": "affected",
"version": "4.3(4.252002)"
},
{
"status": "affected",
"version": "6.0(1.250127)"
},
{
"status": "affected",
"version": "4.2(3p)"
},
{
"status": "affected",
"version": "6.0(1.250131)"
},
{
"status": "affected",
"version": "4.3(6.250101)"
},
{
"status": "affected",
"version": "6.0(1.250174)"
},
{
"status": "affected",
"version": "4.3(6.250117)"
},
{
"status": "affected",
"version": "4.3(5.250043)"
},
{
"status": "affected",
"version": "4.3(5.250045)"
},
{
"status": "affected",
"version": "4.3(6.250060)"
},
{
"status": "affected",
"version": "6.0(1.250130)"
},
{
"status": "affected",
"version": "4.3(4.241014)"
},
{
"status": "affected",
"version": "4.3(2.250063)"
},
{
"status": "affected",
"version": "6.0(1.250192)"
},
{
"status": "affected",
"version": "4.3(6.260003)"
},
{
"status": "affected",
"version": "6.0(1.250194)"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Computing System E-Series Software (UCSE)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.2.7"
},
{
"status": "affected",
"version": "3.2.6"
},
{
"status": "affected",
"version": "3.2.4"
},
{
"status": "affected",
"version": "3.2.10"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.2.3"
},
{
"status": "affected",
"version": "2.4.0"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.2.11.1"
},
{
"status": "affected",
"version": "3.2.8"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "2.3.2"
},
{
"status": "affected",
"version": "2.3.5"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "2.4.1"
},
{
"status": "affected",
"version": "2.3.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "2.3.3"
},
{
"status": "affected",
"version": "2.4.2"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "3.2.11.3"
},
{
"status": "affected",
"version": "3.2.11.5"
},
{
"status": "affected",
"version": "3.2.12.2"
},
{
"status": "affected",
"version": "3.2.13.6"
},
{
"status": "affected",
"version": "3.2.14"
},
{
"status": "affected",
"version": "4.11.1"
},
{
"status": "affected",
"version": "3.2.15"
},
{
"status": "affected",
"version": "4.12.1"
},
{
"status": "affected",
"version": "3.2.15.3"
},
{
"status": "affected",
"version": "4.12.2"
},
{
"status": "affected",
"version": "3.2.16.1"
},
{
"status": "affected",
"version": "4.00"
},
{
"status": "affected",
"version": "4.15.2"
},
{
"status": "affected",
"version": "4.02"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to perform command injection attacks on an affected system and\u0026nbsp;execute arbitrary commands as the root user.\r\n\r\nThis vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as the root user. Cisco has assigned this vulnerability a Security Impact Rating (SIR) of High, rather than Medium as the score indicates, because additional security implications could occur once the attacker has become root."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T16:28:47.898Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cimc-cmd-inj-3hKN3bVt",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-3hKN3bVt"
}
],
"source": {
"advisory": "cisco-sa-cimc-cmd-inj-3hKN3bVt",
"defects": [
"CSCwr60889"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Integrated Management Controller Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20095",
"datePublished": "2026-04-01T16:28:47.898Z",
"dateReserved": "2025-10-08T11:59:15.369Z",
"dateUpdated": "2026-04-02T03:56:14.022Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…