Description
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with read-only privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user.

This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as the root user.
Published: 2026-04-01
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Command Execution
Action: Apply Patch
AI Analysis

Impact

A flaw in the web‑based management interface of Cisco Integrated Management Controller allows an authenticated remote user with read‑only access to inject arbitrary shell commands. The vulnerability arises from improper validation of user input, enabling a command‑injection exploit that runs as root. An attacker can execute any command on the underlying operating system, compromising confidentiality, integrity, and availability of the affected system.

Affected Systems

The issue affects Cisco Unified Computing System (Standalone) and Cisco Unified Computing System E‑Series Software, specifically the IMC component of these products. No specific firmware or software versions are listed, so all deployments using these products are potentially vulnerable until a vendor update is applied.

Risk and Exploitability

The CVSS score of 8.8 indicates high severity. Exploitation requires network access to the web-based management interface and authentication with a read-only account; no user interaction is needed. Once authenticated, crafted payloads execute with root privileges, allowing full system compromise. The combination of a remote attack surface, a low privilege requirement, root-level command execution, and high impact warrants immediate remediation.

Generated by OpenCVE AI on April 2, 2026 at 03:09 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor patch or upgrade to the latest firmware for Cisco Integrated Management Controller.
  • If a patch is not yet available, limit network access to the CIMC web interface to trusted administrative hosts and enforce strong authentication.
  • Disable or isolate the CIMC web management service if it is not required for day‑to‑day operations.
  • Implement firewall or ACL rules to block unauthorized inbound connections to the CIMC port.
  • Monitor system logs for anomalous command execution or web interface activity and investigate any suspicious events.

Advisories

No advisories yet.

History

Fri, 03 Apr 2026 10:15:00 +0000

Type                  Values Removed   Values Added
First Time appeared   (none)           Cisco
                                       Cisco unified Computing System
                                       Cisco unified Computing System Software
Vendors & Products    (none)           Cisco
                                       Cisco unified Computing System
                                       Cisco unified Computing System Software

Wed, 01 Apr 2026 23:45:00 +0000

Type          Values Removed   Values Added
Description   (none)           A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with read-only privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as the root user.
Title         (none)           Cisco Integrated Management Controller Command Injection Vulnerability
Weaknesses    (none)           CWE-77
References    (none)           (none)
Metrics       (none)           cvssV3_1
                               {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}
                               ssvc
                               {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Subscriptions

  • Cisco
  • Unified Computing System
  • Unified Computing System Software

MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2026-04-22T19:09:45.612Z

Reserved: 2025-10-08T11:59:15.369Z

Link: CVE-2026-20094

Vulnrichment

Updated: 2026-04-01T18:17:23.337Z

NVD

Status : Awaiting Analysis

Published: 2026-04-01T17:28:29.230

Modified: 2026-04-03T16:11:11.357

Link: CVE-2026-20094

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-03T08:58:32Z

Weaknesses