Vulnerabilities > Cisco > Integrated Management Controller Supervisor > 3.0.1c

DATE CVE VULNERABILITY TITLE RISK
2019-08-21 CVE-2019-1907 Unspecified vulnerability in Cisco products
A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to set sensitive configuration values and gain elevated privileges.
network
low complexity
cisco
8.8
2017-04-20 CVE-2017-6619 Improper Input Validation vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C)
A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to execute arbitrary commands on an affected system.
network
low complexity
cisco CWE-20
8.8
2017-04-20 CVE-2017-6618 Cross-site Scripting vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C)
A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack.
network
low complexity
cisco CWE-79
5.4
2017-04-20 CVE-2017-6617 Improper Authentication vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C)
A vulnerability in the session identification management functionality of the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system.
network
low complexity
cisco CWE-287
5.4
2017-04-20 CVE-2017-6616 Improper Input Validation vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C)
A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to execute arbitrary code on an affected system.
network
low complexity
cisco CWE-20
8.8