Cisco IMC Vulnerability Could Lead to Command Injection and Privilege Escalation
CVE-2024-20356

8.7HIGH

Key Information:

Vendor
Cisco
Status
Cisco Unified Computing System (standalone)
Cisco Unified Computing System E-series Software (ucse)
Vendor
CVE Published:
24 April 2024

Badges

👾 Exploit Exists📰 News Worthy

Summary

A security vulnerability exists in the web-based management interface of Cisco's Integrated Management Controller, which presents a significant risk for systems utilizing this management platform. The flaw is attributed to inadequate validation of user input, allowing remote attackers with Administrator-level access to conduct command injection attacks. By exploiting this vulnerability, an attacker can send specially crafted commands to the management interface, potentially gaining unauthorized root access to the system. This can lead to complete control over the affected device, emphasizing the need for immediate attention and remediation to safeguard sensitive information and critical systems.

Affected Version(s)

Cisco Unified Computing System (Standalone) 3.0(1c)

Cisco Unified Computing System (Standalone) 3.0(1d)

Cisco Unified Computing System (Standalone) 3.0(3a)

News Articles

favicon imageLRQA Nettitude

CVE-2024-20356: Jailbreaking a Cisco appliance to run DOOM

Exploiting remote code execution in Cisco's CIMC management system and jailbreaking the device to run untrusted code

10 months ago

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • 🟡

    Public PoC available

  • Vulnerability published

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by LRQA Nettitude

  • Vulnerability Reserved

.