Skip to main content

Cisco CVE-2026-20093

| EUVDEUVD-2026-17947 CRITICAL
Improper Input Validation (CWE-20)
2026-04-01 cisco
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

5
Started Trending
Apr 06, 2026 - 08:01 vuln.today
5.1
PoC Detected
Apr 03, 2026 - 16:11 vuln.today
Public exploit code
EUVD ID Assigned
Apr 01, 2026 - 17:30 euvd
EUVD-2026-17947
Analysis Generated
Apr 01, 2026 - 17:30 vuln.today
CVE Published
Apr 01, 2026 - 16:28 nvd
CRITICAL 9.8

DescriptionCVE.org

A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin.

This vulnerability is due to incorrect handling of password change requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to bypass authentication, alter the passwords of any user on the system, including an Admin user, and gain access to the system as that user.

AnalysisAI

Authentication bypass in Cisco Integrated Management Controller (IMC) allows unauthenticated remote attackers to gain administrative access by exploiting improper password change request handling. Affected products include Cisco Enterprise NFV Infrastructure Software, Unified Computing System (Standalone), and UCS E-Series Software. The attacker can alter any user's password, including Admin accounts, and take full control of the management interface. CVSS 9.8 (Critical) with network-accessible attack vector requiring no privileges or user interaction. No public exploit identified at time of analysis, though EPSS data not available for comprehensive risk assessment.

Technical ContextAI

Cisco Integrated Management Controller provides out-of-band management for Cisco UCS servers and network function virtualization infrastructure. This vulnerability stems from CWE-20 (Improper Input Validation) in the password change functionality, where the application fails to properly validate or authenticate password modification requests. The affected CPE entries indicate impact across multiple Cisco UCS product lines: Enterprise NFV Infrastructure Software, Unified Computing System Standalone configurations, and UCS E-Series deployments. The flaw allows manipulation of the password change mechanism through crafted HTTP requests, bypassing the authentication layer entirely. This represents a critical failure in identity and access management controls at the hardware management layer, where IMC typically operates with privileged access to physical and virtual infrastructure components.

RemediationAI

Organizations should immediately consult the Cisco Security Advisory at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-bypass-AgG2BxTn for vendor-recommended remediation steps and patched software versions. As an immediate risk mitigation measure, restrict network access to Cisco IMC interfaces using firewall rules or access control lists, allowing connections only from trusted management networks or jump hosts. Disable external or internet-facing access to IMC interfaces entirely if not operationally required. Implement network segmentation to isolate management plane traffic from production networks. Monitor IMC access logs for unauthorized password change attempts or suspicious authentication activity. Enable multi-factor authentication if supported in patched versions. Given the unauthenticated nature of the exploit, network-layer controls are critical until patches can be deployed. Organizations should prioritize patching based on exposure risk, addressing internet-accessible or DMZ-located UCS infrastructure first.

Share

CVE-2026-20093 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy