CNNVD-202508-3210 Information
CNNVD ID
CNNVD-202508-3210
Related CVE
- CNNVD Published: 2025-08-27
Description (Chinese)
Cisco Integrated Management Controller(IMC)是美国思科(Cisco)公司的一套用于对UCS(统一计算系统)进行管理的软件。该软件支持HTTP、SSH访问等,并可对服务器进行开机、关机和重启等操作。 Cisco Integrated Management Controller存在安全漏洞,该漏洞源于输入验证不足,可能导致存储型跨站脚本攻击。
Description (English)
Cisco Integrated Management Contractor (IMC) is a software package used by Cisco to manage UCS. The software supports HTTP, SSH access, etc., and allows server access, shutdown and restart. Cisco Integrated Management Consortium has a security loophole, which stems from inadequate input verification and may lead to storage-type cross-site script attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Citadel
Published
2025-08-27
Last Modified
2026-02-24
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-kvmsxss-6h7AnUyk https://nvd.nist.gov/vuln/detail/CVE-2025-20342