cisco-sa-ucs-api-rce-UXwpeDHd: Cisco Integrated Management Controller Multiple Remote Code Execution Vulnerabilities
First published: Wed Nov 18 2020(Updated: )
Multiple vulnerabilities in the API subsystem of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to execute arbitrary code with root privileges. The vulnerabilities are due to improper boundary checks for certain user-supplied input. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the API subsystem of an affected system. When this request is processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the underlying operating system (OS). Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-api-rce-UXwpeDHd
Credit: Nikita Abramov Positive Technologies for reporting these vulnerabilities
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco M3 Servers | =3.0<3.0(1c) to 3.0(4q) | 3.0(1c) to 3.0(4q) |
| Cisco M4 Servers | =4.1<4.1(1c) to 4.1(1f)=4.0<4.0(1a) to 4.0(2l)=3.0<3.0(1c) to 3.0(4q) | 4.1(1c) to 4.1(1f) 4.0(1a) to 4.0(2l) 3.0(1c) to 3.0(4q) |
| Cisco M5 Servers | =4.1<4.1(1c) to 4.1(1f)>=3.1<=4.0<4.0(1a) to 4.0(4l) | 4.1(1c) to 4.1(1f) 4.0(1a) to 4.0(4l) |
| Cisco UCS S3160 | =3.0<3.0(1c) to 3.0(4q) | 3.0(1c) to 3.0(4q) |
| Cisco UCS S3260 | =4.1<4.1(1c) to 4.1(1f)>=3.1<=4.0<4.0(1a) to 4.0(4l) | 4.1(1c) to 4.1(1f) 4.0(1a) to 4.0(4l) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What are the key vulnerabilities in cisco-sa-ucs-api-rce-UXwpeDHd?
The key vulnerabilities in cisco-sa-ucs-api-rce-UXwpeDHd allow an unauthenticated remote attacker to execute arbitrary code with root privileges due to improper boundary checks for user-supplied input.
What software versions are affected by cisco-sa-ucs-api-rce-UXwpeDHd?
The affected software versions for cisco-sa-ucs-api-rce-UXwpeDHd include multiple versions across Cisco M3, M4, M5 Servers, UCS S3160, and UCS S3260.
How do I remediate cisco-sa-ucs-api-rce-UXwpeDHd vulnerabilities?
To remediate cisco-sa-ucs-api-rce-UXwpeDHd vulnerabilities, upgrade the affected software to the recommended versions specified in the advisory.
What is the risk of cisco-sa-ucs-api-rce-UXwpeDHd if left unpatched?
If cisco-sa-ucs-api-rce-UXwpeDHd is left unpatched, it poses a significant risk as it allows remote attackers to gain root access and potentially compromise the entire system.
Is authentication required to exploit cisco-sa-ucs-api-rce-UXwpeDHd?
No, authentication is not required to exploit the vulnerabilities described in cisco-sa-ucs-api-rce-UXwpeDHd, allowing attackers to act without credential restrictions.
- agent/type
- agent/softwarecombine
- agent/last-modified-date
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/title
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/cisco-advisory
- source/Cisco
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco m3 servers
- version/cisco m3 servers/3.0
- canonical/cisco m4 servers
- version/cisco m4 servers/4.1
- version/cisco m4 servers/4.0
- version/cisco m4 servers/3.0
- canonical/cisco m5 servers
- version/cisco m5 servers/4.1
- version/cisco m5 servers/3.1
- version/cisco m5 servers/4.0
- canonical/cisco ucs s3160
- version/cisco ucs s3160/3.0
- canonical/cisco ucs s3260
- version/cisco ucs s3260/4.1
- version/cisco ucs s3260/3.1
- version/cisco ucs s3260/4.0