Denial of Service Vulnerability in Cisco Integrated Management Controller
CVE-2015-6399

Currently unrated

Key Information:

Vendor: Cisco
Status: Integrated Management Controller Supervisor
Vendor: CVE Published:; 15 December 2015

Summary

The Cisco Integrated Management Controller (IMC) versions 1.0.0.0 and 1.0.0.1 are susceptible to a denial of service condition. Remote authenticated users can exploit this vulnerability by sending specially crafted HTTP requests, which can lead to an outage of the IP interface. This vulnerability, identified by Bug ID CSCuv38286, highlights a significant risk as it can disrupt the availability of the management controller for legitimate users.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/79031

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1038475

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Dec 15, 2015
Vulnerability Reserved
Aug 17, 2015