cisco-sa-20151211-imc

Cisco Integrated Management Controller Denial of Service Vulnerability

cisco-sa-20151211-imc · Medium · Published 10 years ago · Updated 9 years ago

A vulnerability in Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to make the IMC IP interface inaccessible. The vulnerability is due to incomplete sanitization of input for certain parameters. An attacker could exploit this vulnerability by sending a crafted HTTP request to the IMC. A successful exploit could allow the attacker to cause the IMC to become inaccessible via the IP interface, resulting in a denial of service (DoS) condition. There are workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151211-imc

Cisco advisory ·CSAF JSON

Workarounds

Administrators may consider performing a factory reset on affected systems.

CVEs	CVE-2015-6399
Cisco Bug IDs	CSCuv38286
CVSS Score	Base 6.8 Base 6.8 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H/E:X/RL:X/RC:X
Product Names From Source	Cisco Unified Computing System (Management Software)

Related Products

Product	CVE	Evidence
Cisco RV Series Routers	CVE-2015-6399	Cisco OpenVuln
Cisco Nexus Dashboard	CVE-2015-6399	Cisco OpenVuln
Cisco Unified Computing System (Management Software)	CVE-2015-6399	Cisco OpenVuln

Vulnslist

find the latest Cisco vulnerabilities

Cisco Integrated Management Controller Denial of Service Vulnerability

Workarounds

Related Products