Vulnerabilities > Cisco > Integrated Management Controller > 3.0.1c

DATE CVE VULNERABILITY TITLE RISK
2021-05-06 CVE-2021-1397 Open Redirect vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
network
low complexity
cisco CWE-601
6.1
6.1
2020-11-18 CVE-2020-3470 Improper Input Validation vulnerability in Cisco products
Multiple vulnerabilities in the API subsystem of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to execute arbitrary code with root privileges.
network
low complexity
cisco CWE-20
critical
 9.8
9.8
2020-11-06 CVE-2020-3371 OS Command Injection vulnerability in Cisco Integrated Management Controller 3.0(1C)
A vulnerability in the web UI of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary code and execute arbitrary commands at the underlying operating system level.
network
low complexity
cisco CWE-78
8.8
8.8