Vulnerabilities > Cisco > Integrated Management Controller Supervisor > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-06 | CVE-2020-3329 | Unspecified vulnerability in Cisco products A vulnerability in role-based access control of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow a read-only authenticated, remote attacker to disable user accounts on an affected system. | 4.3 |
| 2018-10-05 | CVE-2018-15404 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco products A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. | 6.5 |
| 2018-06-07 | CVE-2018-0149 | Cross-site Scripting vulnerability in Cisco Integrated Management Controller Supervisor 2.1(0.2)/2.2(0.2) A vulnerability in the web-based management interface of Cisco Integrated Management Controller Supervisor Software and Cisco UCS Director Software could allow an authenticated, remote attacker to conduct a Document Object Model-based (DOM-based), stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.8 |
| 2017-04-20 | CVE-2017-6618 | Cross-site Scripting vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C) A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack. | 5.4 |
| 2017-04-20 | CVE-2017-6617 | Improper Authentication vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C) A vulnerability in the session identification management functionality of the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. | 5.4 |