Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cnvd-2025-06739
Vulnerability from cnvd
Title: Cisco Integrated Management Controller命令注入漏洞
Description:
Cisco Integrated Management Controller是美国思科(Cisco)公司的一套用于对UCS(统一计算系统)进行管理的软件。
Cisco Integrated Management Controller存在命令注入漏洞。该漏洞允许经过身份验证的攻击者对底层操作系统执行命令注入攻击。 攻击者可利用该漏洞将权限提升至root。
Severity: 中
Patch Name: Cisco Integrated Management Controller命令注入漏洞的补丁
Patch Description:
Cisco Integrated Management Controller是美国思科(Cisco)公司的一套用于对UCS(统一计算系统)进行管理的软件。
Cisco Integrated Management Controller存在命令注入漏洞。该漏洞允许经过身份验证的攻击者对底层操作系统执行命令注入攻击。 攻击者可利用该漏洞将权限提升至root。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description:
目前厂商已发布升级程序修复该安全问题,详情见厂商官网: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-mUx4c5AJ
Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-20295
Name | Cisco Integrated Management Controller |
---|
{ "cves": { "cve": { "cveNumber": "CVE-2024-20295", "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-20295" } }, "description": "Cisco Integrated Management Controller\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u5bf9UCS\uff08\u7edf\u4e00\u8ba1\u7b97\u7cfb\u7edf\uff09\u8fdb\u884c\u7ba1\u7406\u7684\u8f6f\u4ef6\u3002\n\nCisco Integrated Management Controller\u5b58\u5728\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u5141\u8bb8\u7ecf\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u5bf9\u5e95\u5c42\u64cd\u4f5c\u7cfb\u7edf\u6267\u884c\u547d\u4ee4\u6ce8\u5165\u653b\u51fb\u3002 \u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u6743\u9650\u63d0\u5347\u81f3root\u3002", "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u7a0b\u5e8f\u4fee\u590d\u8be5\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u89c1\u5382\u5546\u5b98\u7f51:\r\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-mUx4c5AJ", "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e", "number": "CNVD-2025-06739", "openTime": "2025-04-08", "patchDescription": "Cisco Integrated Management Controller\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u5bf9UCS\uff08\u7edf\u4e00\u8ba1\u7b97\u7cfb\u7edf\uff09\u8fdb\u884c\u7ba1\u7406\u7684\u8f6f\u4ef6\u3002\r\n\r\nCisco Integrated Management Controller\u5b58\u5728\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u5141\u8bb8\u7ecf\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u5bf9\u5e95\u5c42\u64cd\u4f5c\u7cfb\u7edf\u6267\u884c\u547d\u4ee4\u6ce8\u5165\u653b\u51fb\u3002 \u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u6743\u9650\u63d0\u5347\u81f3root\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002", "patchName": "Cisco Integrated Management Controller\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01", "products": { "product": "Cisco Integrated Management Controller" }, "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2024-20295", "serverity": "\u4e2d", "submitTime": "2024-04-26", "title": "Cisco Integrated Management Controller\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e" }
CVE-2024-20295 (GCVE-0-2024-20295)
Vulnerability from cvelistv5
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Vendor | Product | Version | |||||||
---|---|---|---|---|---|---|---|---|---|
▼ | Cisco | Cisco Unified Computing System (Standalone) |
Version: 3.0(1c) Version: 3.0(1d) Version: 3.0(2b) Version: 3.0(3a) Version: 3.0(3b) Version: 3.0(3c) Version: 3.0(3e) Version: 3.0(3f) Version: 3.0(4a) Version: 3.0(4d) Version: 3.0(4e) Version: 3.0(4i) Version: 3.0(4j) Version: 3.0(4k) Version: 3.0(4l) Version: 3.0(4m) Version: 3.0(4n) Version: 3.0(4o) Version: 3.0(4p) Version: 3.0(4q) Version: 3.0(4r) Version: 3.0(4s) Version: 2.0(10b) Version: 2.0(10c) Version: 2.0(10e) Version: 2.0(10f) Version: 2.0(10g) Version: 2.0(10h) Version: 2.0(10i) Version: 2.0(10k) Version: 2.0(10l) Version: 2.0(12b) Version: 2.0(12c) Version: 2.0(12d) Version: 2.0(12e) Version: 2.0(12f) Version: 2.0(12g) Version: 2.0(12h) Version: 2.0(12i) Version: 2.0(13e) Version: 2.0(13f) Version: 2.0(13h) Version: 2.0(13i) Version: 2.0(13k) Version: 2.0(13n) Version: 2.0(13o) Version: 2.0(13p) Version: 2.0(13q) Version: 2.0(1a) Version: 2.0(1b) Version: 2.0(3d)1 Version: 2.0(3d)2 Version: 2.0(3e)1 Version: 2.0(3f)3 Version: 2.0(3i) Version: 2.0(3j)1 Version: 2.0(4c) Version: 2.0(4c)1 Version: 2.0(6d) Version: 2.0(6f) Version: 2.0(8d) Version: 2.0(8e) Version: 2.0(8g) Version: 2.0(8h) Version: 2.0(9c) Version: 2.0(9e) Version: 2.0(9f) Version: 2.0(9l) Version: 2.0(9m) Version: 2.0(9n) Version: 2.0(9o) Version: 2.0(9p) Version: 3.1(1d) Version: 3.1(2b) Version: 3.1(2c) Version: 3.1(2d) Version: 3.1(2e) Version: 3.1(2g) Version: 3.1(2i) Version: 3.1(3a) Version: 3.1(3b) Version: 3.1(3c) Version: 3.1(3d) Version: 3.1(3g) Version: 3.1(3h) Version: 3.1(3i) Version: 3.1(3j) Version: 3.1(3k) Version: 4.0(1.240) Version: 4.0(1a) Version: 4.0(1b) Version: 4.0(1c) Version: 4.0(1d) Version: 4.0(1e) Version: 4.0(1g) Version: 4.0(1h) Version: 4.0(2c) Version: 4.0(2d) Version: 4.0(2f) Version: 4.0(2g) Version: 4.0(2h) Version: 4.0(2i) Version: 4.0(2l) Version: 4.0(2n) Version: 4.0(4b) Version: 4.0(4c) Version: 4.0(4d) Version: 4.0(4e) Version: 4.0(4f) Version: 4.0(4h) Version: 4.0(4i) Version: 4.0(4k) Version: 4.0(4l) Version: 4.0(4m) Version: 4.0(2o) Version: 4.0(2p) Version: 4.0(4n) Version: 4.0(2q) Version: 4.0(2r) Version: 4.1(1c) Version: 4.1(1d) Version: 4.1(1f) Version: 4.1(1g) Version: 4.1(2a) Version: 4.1(1h) Version: 4.1(2b) Version: 4.1(2f) Version: 4.1(2e) Version: 4.1(3b) Version: 4.1(2d) Version: 4.1(3c) Version: 4.1(3d) Version: 4.1(2g) Version: 4.1(3f) Version: 4.1(2h) Version: 4.1(2j) Version: 4.1(2k) Version: 4.1(2l) Version: 4.1(3h) Version: 4.1(3i) Version: 4.1(3l) Version: 4.2(1a) Version: 4.2(1b) Version: 4.2(1c) Version: 4.2(1e) Version: 4.2(1f) Version: 4.2(1g) Version: 4.2(1i) Version: 4.2(1j) Version: 4.2(2a) Version: 4.2(2f) Version: 4.2(2g) Version: 4.2(3b) Version: 4.2(3d) Version: 4.2(3e) Version: 4.2(3g) Version: 4.2(3h) Version: 4.2(3i) Version: 4.3(1.230097) Version: 4.3(1.230124) Version: 4.3(1.230138) Version: 4.3(2.230207) Version: 4.3(2.230270) |
||||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cisco:unified_computing_system:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "unified_computing_system", "vendor": "cisco", "versions": [ { "lessThanOrEqual": "4.3", "status": "affected", "version": "2", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-20295", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-25T18:37:12.600877Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:40:08.364Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T21:59:41.494Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cisco-sa-cimc-cmd-inj-mUx4c5AJ", "tags": [ "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-mUx4c5AJ" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Cisco Unified Computing System (Standalone)", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "3.0(1c)" }, { "status": "affected", "version": "3.0(1d)" }, { "status": "affected", "version": "3.0(2b)" }, { "status": "affected", "version": "3.0(3a)" }, { "status": "affected", "version": "3.0(3b)" }, { "status": "affected", "version": "3.0(3c)" }, { "status": "affected", "version": "3.0(3e)" }, { "status": "affected", "version": "3.0(3f)" }, { "status": "affected", "version": "3.0(4a)" }, { "status": "affected", "version": "3.0(4d)" }, { "status": "affected", "version": "3.0(4e)" }, { "status": "affected", "version": "3.0(4i)" }, { "status": "affected", "version": "3.0(4j)" }, { "status": "affected", "version": "3.0(4k)" }, { "status": "affected", "version": "3.0(4l)" }, { "status": "affected", "version": "3.0(4m)" }, { "status": "affected", "version": "3.0(4n)" }, { "status": "affected", "version": "3.0(4o)" }, { "status": "affected", "version": "3.0(4p)" }, { "status": "affected", "version": "3.0(4q)" }, { "status": "affected", "version": "3.0(4r)" }, { "status": "affected", "version": "3.0(4s)" }, { "status": "affected", "version": "2.0(10b)" }, { "status": "affected", "version": "2.0(10c)" }, { "status": "affected", "version": "2.0(10e)" }, { "status": "affected", "version": "2.0(10f)" }, { "status": "affected", "version": "2.0(10g)" }, { "status": "affected", "version": "2.0(10h)" }, { "status": "affected", "version": "2.0(10i)" }, { "status": "affected", "version": "2.0(10k)" }, { "status": "affected", "version": "2.0(10l)" }, { "status": "affected", "version": "2.0(12b)" }, { "status": "affected", "version": "2.0(12c)" }, { "status": "affected", "version": "2.0(12d)" }, { "status": "affected", "version": "2.0(12e)" }, { "status": "affected", "version": "2.0(12f)" }, { "status": "affected", "version": "2.0(12g)" }, { "status": "affected", "version": "2.0(12h)" }, { "status": "affected", "version": "2.0(12i)" }, { "status": "affected", "version": "2.0(13e)" }, { "status": "affected", "version": "2.0(13f)" }, { "status": "affected", "version": "2.0(13h)" }, { "status": "affected", "version": "2.0(13i)" }, { "status": "affected", "version": "2.0(13k)" }, { "status": "affected", "version": "2.0(13n)" }, { "status": "affected", "version": "2.0(13o)" }, { "status": "affected", "version": "2.0(13p)" }, { "status": "affected", "version": "2.0(13q)" }, { "status": "affected", "version": "2.0(1a)" }, { "status": "affected", "version": "2.0(1b)" }, { "status": "affected", "version": "2.0(3d)1" }, { "status": "affected", "version": "2.0(3d)2" }, { "status": "affected", "version": "2.0(3e)1" }, { "status": "affected", "version": "2.0(3f)3" }, { "status": "affected", "version": "2.0(3i)" }, { "status": "affected", "version": "2.0(3j)1" }, { "status": "affected", "version": "2.0(4c)" }, { "status": "affected", "version": "2.0(4c)1" }, { "status": "affected", "version": "2.0(6d)" }, { "status": "affected", "version": "2.0(6f)" }, { "status": "affected", "version": "2.0(8d)" }, { "status": "affected", "version": "2.0(8e)" }, { "status": "affected", "version": "2.0(8g)" }, { "status": "affected", "version": "2.0(8h)" }, { "status": "affected", "version": "2.0(9c)" }, { "status": "affected", "version": "2.0(9e)" }, { "status": "affected", "version": "2.0(9f)" }, { "status": "affected", "version": "2.0(9l)" }, { "status": "affected", "version": "2.0(9m)" }, { "status": "affected", "version": "2.0(9n)" }, { "status": "affected", "version": "2.0(9o)" }, { "status": "affected", "version": "2.0(9p)" }, { "status": "affected", "version": "3.1(1d)" }, { "status": "affected", "version": "3.1(2b)" }, { "status": "affected", "version": "3.1(2c)" }, { "status": "affected", "version": "3.1(2d)" }, { "status": "affected", "version": "3.1(2e)" }, { "status": "affected", "version": "3.1(2g)" }, { "status": "affected", "version": "3.1(2i)" }, { "status": "affected", "version": "3.1(3a)" }, { "status": "affected", "version": "3.1(3b)" }, { "status": "affected", "version": "3.1(3c)" }, { "status": "affected", "version": "3.1(3d)" }, { "status": "affected", "version": "3.1(3g)" }, { "status": "affected", "version": "3.1(3h)" }, { "status": "affected", "version": "3.1(3i)" }, { "status": "affected", "version": "3.1(3j)" }, { "status": "affected", "version": "3.1(3k)" }, { "status": "affected", "version": "4.0(1.240)" }, { "status": "affected", "version": "4.0(1a)" }, { "status": "affected", "version": "4.0(1b)" }, { "status": "affected", "version": "4.0(1c)" }, { "status": "affected", "version": "4.0(1d)" }, { "status": "affected", "version": "4.0(1e)" }, { "status": "affected", "version": "4.0(1g)" }, { "status": "affected", "version": "4.0(1h)" }, { "status": "affected", "version": "4.0(2c)" }, { "status": "affected", "version": "4.0(2d)" }, { "status": "affected", "version": "4.0(2f)" }, { "status": "affected", "version": "4.0(2g)" }, { "status": "affected", "version": "4.0(2h)" }, { "status": "affected", "version": "4.0(2i)" }, { "status": "affected", "version": "4.0(2l)" }, { "status": "affected", "version": "4.0(2n)" }, { "status": "affected", "version": "4.0(4b)" }, { "status": "affected", "version": "4.0(4c)" }, { "status": "affected", "version": "4.0(4d)" }, { "status": "affected", "version": "4.0(4e)" }, { "status": "affected", "version": "4.0(4f)" }, { "status": "affected", "version": "4.0(4h)" }, { "status": "affected", "version": "4.0(4i)" }, { "status": "affected", "version": "4.0(4k)" }, { "status": "affected", "version": "4.0(4l)" }, { "status": "affected", "version": "4.0(4m)" }, { "status": "affected", "version": "4.0(2o)" }, { "status": "affected", "version": "4.0(2p)" }, { "status": "affected", "version": "4.0(4n)" }, { "status": "affected", "version": "4.0(2q)" }, { "status": "affected", "version": "4.0(2r)" }, { "status": "affected", "version": "4.1(1c)" }, { "status": "affected", "version": "4.1(1d)" }, { "status": "affected", "version": "4.1(1f)" }, { "status": "affected", "version": "4.1(1g)" }, { "status": "affected", "version": "4.1(2a)" }, { "status": "affected", "version": "4.1(1h)" }, { "status": "affected", "version": "4.1(2b)" }, { "status": "affected", "version": "4.1(2f)" }, { "status": "affected", "version": "4.1(2e)" }, { "status": "affected", "version": "4.1(3b)" }, { "status": "affected", "version": "4.1(2d)" }, { "status": "affected", "version": "4.1(3c)" }, { "status": "affected", "version": "4.1(3d)" }, { "status": "affected", "version": "4.1(2g)" }, { "status": "affected", "version": "4.1(3f)" }, { "status": "affected", "version": "4.1(2h)" }, { "status": "affected", "version": "4.1(2j)" }, { "status": "affected", "version": "4.1(2k)" }, { "status": "affected", "version": "4.1(2l)" }, { "status": "affected", "version": "4.1(3h)" }, { "status": "affected", "version": "4.1(3i)" }, { "status": "affected", "version": "4.1(3l)" }, { "status": "affected", "version": "4.2(1a)" }, { "status": "affected", "version": "4.2(1b)" }, { "status": "affected", "version": "4.2(1c)" }, { "status": "affected", "version": "4.2(1e)" }, { "status": "affected", "version": "4.2(1f)" }, { "status": "affected", "version": "4.2(1g)" }, { "status": "affected", "version": "4.2(1i)" }, { "status": "affected", "version": "4.2(1j)" }, { "status": "affected", "version": "4.2(2a)" }, { "status": "affected", "version": "4.2(2f)" }, { "status": "affected", "version": "4.2(2g)" }, { "status": "affected", "version": "4.2(3b)" }, { "status": "affected", "version": "4.2(3d)" }, { "status": "affected", "version": "4.2(3e)" }, { "status": "affected", "version": "4.2(3g)" }, { "status": "affected", "version": "4.2(3h)" }, { "status": "affected", "version": "4.2(3i)" }, { "status": "affected", "version": "4.3(1.230097)" }, { "status": "affected", "version": "4.3(1.230124)" }, { "status": "affected", "version": "4.3(1.230138)" }, { "status": "affected", "version": "4.3(2.230207)" }, { "status": "affected", "version": "4.3(2.230270)" } ] }, { "product": "Cisco Unified Computing System E-Series Software (UCSE)", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "N/A" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the CLI of the Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have read-only or higher privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability that is described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-78", "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-24T19:41:02.339Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-cimc-cmd-inj-mUx4c5AJ", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-mUx4c5AJ" } ], "source": { "advisory": "cisco-sa-cimc-cmd-inj-mUx4c5AJ", "defects": [ "CSCwi12864", "CSCwi29799", "CSCwi10842" ], "discovery": "EXTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20295", "datePublished": "2024-04-24T19:41:02.339Z", "dateReserved": "2023-11-08T15:08:07.629Z", "dateUpdated": "2024-08-01T21:59:41.494Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.