Cisco Integrated Management Controller Authentication Bypass Vulnerability — CISCO-SA-CIMC-AUTH-BYPASS-AGG2BXTN
Cisco · Cisco · CISCO-SA-CIMC-AUTH-BYPASS-AGG2BXTN
ID
CISCO-SA-CIMC-AUTH-BYPASS-AGG2BXTN
CISCO-SA-CIMC-AUTH-BYPASS-AGG2BXTN
Date
Activity
Source
Cisco
Cisco
Vendor
Cisco
Cisco
Threat
critical
critical
Summary
A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin . This vulnerability is due to incorrect handling of password change requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful…
Product
Cisco Integrated Management Controller Authentication Bypass
What to do
General, cautious steps (verify details in the official source):
- Prioritize patching or mitigation immediately (treat as actively risky).
- Identify affected product versions in your inventory and verify whether you are impacted.
- Apply vendor patches/updates or recommended mitigations as soon as available.
- Read the official advisory for exact affected versions and remediation steps.