CVE-2020-3470

Cisco Integrated Management Controller Multiple Remote Code Execution Vulnerabilities

  • Severity Score: 9.8 (CVSS v3.1)
  • Exploit Likelihood (EPSS)
  • Affected Versions (CPE)
  • Public Exploits: 0 (Multiple Sources)
  • Exploited in Wild: - (KEV)
  • Decision: - (SSVC)

Descriptions

Multiple vulnerabilities in the API subsystem of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to execute arbitrary code with root privileges. The vulnerabilities are due to improper boundary checks for certain user-supplied input. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the API subsystem of an affected system. When this request is processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the underlying operating system (OS).

*Credits: N/A
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: High

  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: Complete
  • Integrity: Complete
  • Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2019-12-12 CVE Reserved
  • 2020-11-18 CVE Published
  • 2024-09-07 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status |
|---|---|---|---|---|
| Cisco | Enterprise Nfv Infrastructure Software | < 4.4.1 | - | Affected |
| in Cisco | Enterprise Network Compute System 5100 | - | - | Safe |
| Cisco | Enterprise Nfv Infrastructure Software | < 4.4.1 | - | Affected |
| in Cisco | Enterprise Network Compute System 5400 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 4.0(1a) <= 4.0(4l) | - | Affected |
| in Cisco | C125 M5 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 4.0(1a) <= 4.0(4l) | - | Affected |
| in Cisco | C220 M5 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 4.0(1a) <= 4.0(4l) | - | Affected |
| in Cisco | C240 M5 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 4.0(1a) <= 4.0(4l) | - | Affected |
| in Cisco | C480 M5 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 4.0(1a) <= 4.0(4l) | - | Affected |
| in Cisco | C480 Ml M5 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 3.0(1c) <= 3.0(4q) | - | Affected |
| in Cisco | Ucs C220 M4 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 3.0(1c) <= 3.0(4q) | - | Affected |
| in Cisco | Ucs C460 M4 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 4.0(1a) <= 4.0(2l) | - | Affected |
| in Cisco | Ucs C220 M4 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 4.0(1a) <= 4.0(2l) | - | Affected |
| in Cisco | Ucs C460 M4 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 4.1(1c) <= 4.1(1f) | - | Affected |
| in Cisco | Ucs C220 M4 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 4.1(1c) <= 4.1(1f) | - | Affected |
| in Cisco | Ucs C460 M4 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 3.0(1c) <= 3.0(4q) | - | Affected |
| in Cisco | Ucs C22 M3 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 3.0(1c) <= 3.0(4q) | - | Affected |
| in Cisco | Ucs C220 M3 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 3.0(1c) <= 3.0(4q) | - | Affected |
| in Cisco | Ucs C24 M3 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 3.0(1c) <= 3.0(4q) | - | Affected |
| in Cisco | Ucs C240 M3 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 3.0(1c) <= 3.0(4q) | - | Affected |
| in Cisco | Ucs C420 M3 | - | - | Safe |
| Cisco | Integrated Management Controller | < 3.2.11.3 | - | Affected |
| in Cisco | Ucs E-series M1 | - | - | Safe |
| Cisco | Integrated Management Controller | < 3.2.11.3 | - | Affected |
| in Cisco | Ucs E-series M2 | - | - | Safe |
| Cisco | Integrated Management Controller | < 3.2.11.3 | - | Affected |
| in Cisco | Ucs E-series M3 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 3.1 <= 4.0(4l) | - | Affected |
| in Cisco | Ucs S3260 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 4.1(1c) <= 4.1(1f) | - | Affected |
| in Cisco | Ucs S3260 | - | - | Safe |
| Cisco | Integrated Management Controller | >= 3.0(1c) <= 3.0(4q) | - | Affected |
| in Cisco | Ucs S3160 | - | - | Safe |