Vulnerabilities > Cisco > Unified Computing System > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-21 | CVE-2019-1883 | OS Command Injection vulnerability in Cisco products A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. | 7.8 |
| 2019-08-21 | CVE-2019-1871 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Import Cisco IMC configuration utility of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and implement arbitrary commands with root privileges on an affected device. | 7.2 |
| 2019-08-21 | CVE-2019-1865 | OS Command Injection vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. | 8.8 |
| 2019-08-21 | CVE-2019-1864 | OS Command Injection vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. | 8.8 |
| 2019-08-21 | CVE-2019-1863 | Unspecified vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to make unauthorized changes to the system configuration. | 8.1 |
| 2019-08-21 | CVE-2019-1850 | OS Command Injection vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. | 7.2 |
| 2019-08-21 | CVE-2019-1634 | OS Command Injection vulnerability in Cisco products A vulnerability in the Intelligent Platform Management Interface (IPMI) of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on the underlying operating system (OS). | 7.2 |
| 2019-06-20 | CVE-2019-1632 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.0 |
| 2018-10-05 | CVE-2018-0431 | Command Injection vulnerability in Cisco Unified Computing System 2.0Base/3.0(3A)/3.1(3) A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. | 8.8 |
| 2018-10-05 | CVE-2018-0430 | Command Injection vulnerability in Cisco Unified Computing System 2.0Base/3.0(3A)/3.1(3) A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. | 8.8 |