Cisco IMC Authentication Bypass Vulnerability (CVSS 9.8)

Vulnerability Overview Vulnerability Name: Cisco Integrated Management Controller Authentication Bypass Vulnerability (Cisco 集成管理控制器身份验证绕过漏洞) Severity: Critical (严重) CVSS Score: Base 9.8 Vulnerability Description: A vulnerability exists in the password change functionality of the Cisco Integrated Management Controller (IMC). An attacker can exploit this vulnerability by sending a crafted HTTP request to the affected device. Successful exploitation allows the attacker to access the system as a system administrator after bypassing authentication. Cause: Improper handling of password change requests. Affected Products This vulnerability affects the following Cisco products running vulnerable versions of Cisco IMC: 5000 Series Enterprise Network Compute Systems (ENCS) Catalyst 8300 Series Edge uCPE UCS C-Series M5 and M6 Rack Servers (standalone mode) UCS E-Series Servers M3 UCS E-Series Servers M6 And Cisco devices based on pre-configured versions of Cisco UCS C-Series Servers (if Cisco IMC UI access is exposed), including: Application Policy Infrastructure Controller (APIC) Servers Business Edition 6000 and 7000 Appliances Catalyst Center Appliances Cisco Telemetry Broker Appliances Cloud Services Platform (CSP) 5000 Series Common Services Platform Collector (CSPC) Appliances Connected Mobile Experiences (CMX) Appliances Connected Safety and Security UCS Platform Series Servers Cyber Vision Center Appliances Expressway Series Appliances HyperFlex Edge Nodes HyperFlex Nodes in HyperFlex Datacenter without Fabric Interconnect (DC-No-Fi) deployment mode IEC6400 Edge Compute Appliances IOS Xrv 9000 Appliances Meeting Server 1000 Appliances Nexus Dashboard Appliances Prime Infrastructure Appliances Prime Network Registrar Jumpstart Appliances Secure Endpoint Private Cloud Appliances Secure Firewall Management Center Appliances Secure Malware Analytics Appliances Secure Network Analytics Appliances Secure Network Server Appliances Secure Workload Servers Products Confirmed Not Affected: UCS B-Series Blade Servers, UCS C-Series M7 and M6 Rack Servers (standalone mode), UCS C-Series Rack Servers with Fabric Interconnects (IMM), UCS S-Series Storage Servers, UCS X-Series Modular System, Unified Edge. Remediation Workarounds: None (There are no workarounds that address this vulnerability.) Fixed Software Releases: Cisco recommends upgrading to the following fixed releases: 5000 Series ENCS and Catalyst 8300 Series Edge uCPE: 4.15 and earlier -> 4.15.5 4.16 and earlier -> Migrate to a fixed release. 4.18 -> 4.18.3 (Apr 2020) 26.1 -> Not vulnerable. UCS C-Series M5 Rack Server: 4.2 and earlier -> Migrate to a fixed release. 4.3 -> 4.32 (260007) UCS C-Series M6 Rack Server: 4.2 and earlier -> Migrate to a fixed release. 4.3 -> 4.36 (260017) 6.0 -> 6.01 (250174) UCS E-Series M3: 3.2 and earlier -> 3.2.17 UCS E-Series M6: 4.15 and earlier -> 4.15.3 Other Device Firmware Upgrade Commands/Paths: Cisco Telemetry Broker Appliances: IEC6400 Edge Compute Appliances: Secure Endpoint Private Cloud Appliances: Secure Firewall Management Center Appliances: Secure Malware Analytics Appliances: Secure Network Analytics Appliances: * Secure Network Server Appliances:

Goal Reached Thanks to every supporter — we hit 100%!

Cisco IMC Authentication Bypass Vulnerability (CVSS 9.8)