Cisco · Cisco Integrated Management Controller · CVE-2026-20093
Name of the Vulnerable Software and Affected Versions: Cisco Integrated Management Controller (IMC) versions prior to 4.15.5, Catalyst 8300 Edge uCPE versions prior to 4.18.3, UCS C-Series M5/M6 (standalone) versions prior to 4.3(2.260007)/4.3(6.260017)/6.0(1.250174), UCS E-Series M3 versions prior to 3.2.17, and UCS E-Series M6 versions prior to 4.15.3.
Description: A vulnerability exists in the change password functionality of Cisco Integrated Management Controller (IMC) that allows an unauthenticated, remote attacker to bypass authentication and gain administrative access to the system. This is due to incorrect handling of password change requests, enabling an attacker to send a crafted HTTP request to an affected device. Successful exploitation allows the attacker to alter passwords for any user, including the Admin user, and gain full control of the system. This could lead to configuration changes, remote console access, firmware installation, and potential pivot to managed servers.
Recommendations: Apply the vendor-provided updates immediately. Restrict network access to IMC management interfaces using firewalls, ACLs, or VPNs so that they are reachable only from trusted management networks. After patching, rotate administrative credentials and review logs for suspicious activity, in particular unexpected password changes.