Vulnerabilities > Cisco > Integrated Management Controller > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-11-18 CVE-2020-3470 Improper Input Validation vulnerability in Cisco products
Multiple vulnerabilities in the API subsystem of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to execute arbitrary code with root privileges.
network
low complexity
cisco CWE-20
critical
 9.8
9.8
2018-11-08 CVE-2018-15447 SQL Injection vulnerability in Cisco Integrated Management Controller
A vulnerability in the web framework code of Cisco Integrated Management Controller (IMC) Supervisor could allow an unauthenticated, remote attacker to execute arbitrary SQL queries.
network
low complexity
cisco CWE-89
critical
 9.8
9.8