Cisco IMC Reflected and Stored XSS Vulnerabilities (CVE-2026-20085/20087-20090)

Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities (Cisco 集成管理控制器跨站脚本漏洞) Vulnerability Overview Multiple vulnerabilities exist in the web-based management interface of the Cisco Integrated Management Controller (IMC), allowing remote attackers to perform Cross-Site Scripting (XSS) attacks against interface users. Vulnerability Types: CVE-2026-20085: Cisco IMC Reflected XSS Vulnerability CVE-2026-20087, CVE-2026-20088, CVE-2026-20089, CVE-2026-20090: Cisco IMC Stored XSS Vulnerabilities Severity: Medium CVSS Score: Base 6.1 Exploitation Conditions: Attackers must induce users to click on malicious links (for reflected XSS) or store malicious scripts (for stored XSS). Affected Products The following Cisco products are at risk if they are running affected versions of Cisco IMC: Primary Affected Products: 5000 Series Enterprise Network Compute Systems (ENCS) Catalyst 8300 Series Edge uCPE UCS C-Series M5 and M6 Rack Servers (standalone mode) UCS E-Series Servers M3 UCS E-Series Servers M6 UCS S-Series Storage Servers (standalone mode) Other Affected Products (Based on Pre-configured Versions of Cisco UCS C-Series Servers): Application Policy Infrastructure Controller (APIC) Servers Business Edition 6000 and 7000 Appliances Catalyst Center Appliances Cisco Telemetry Broker Appliances Cloud Services Platform (CSP) 5000 Series Common Services Platform Collector (CSPC) Appliances Connected Mobile Experiences (CMX) Appliances Connected Safety and Security UCS Platform Series Servers Cyber Vision Center Appliances Expressway Series Appliances HyperFlex Edge Nodes HyperFlex Nodes in HyperFlex Datacenter without Fabric Interconnect (DC-No-Fi) deployment mode IEC6400 Edge Compute Appliances IOS XrY 9000 Appliances Meeting Server 1000 Appliances Nexus Dashboard Appliances Prime Infrastructure Appliances Prime Network Registrar Jumpstart Appliances Secure Endpoint Private Cloud Appliances Secure Firewall Management Center Appliances Secure Malware Analytics Appliances Secure Network Analytics Appliances Secure Network Server Appliances Secure Workload Servers Remediation Workarounds: Cisco has confirmed that no workarounds are available to resolve these vulnerabilities. Fixed Software: Cisco strongly recommends customers upgrade to the following fixed versions: Remediation Instructions for Other Products: Cisco Telemetry Broker Appliances: Apply firmware update IEC6400 Edge Compute Appliances: Perform HUJ upgrade using Secure Endpoint Private Cloud Appliances: Upgrade to Release 4.2.5 or later, then follow the steps outlined in the TechNotes. Secure Firewall Management Center Appliances: Apply HUJ/FX. Secure Malware Analytics Appliances: Update firmware using the Out-of-Band Firmware Update (OOF) procedure. Secure Network Analytics Appliances: M5: Install patch M6: Patch expected to be released in April 2026 Secure Network Server Appliances**: Apply BIOS and HUJ upgrades (refer to the Cisco Secure Network Server 3600/3700 Series Firmware Upgrade Guide).

Goal Reached Thanks to every supporter — we hit 100%!

Cisco IMC Reflected and Stored XSS Vulnerabilities (CVE-2026-20085/20087-20090)