Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with read-only privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user.
This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as the root user.
AnalysisAI
Command injection in Cisco Integrated Management Controller (IMC) web interface allows authenticated attackers with read-only privileges to execute arbitrary commands as root. The CVSS:3.1 vector (AV:N/AC:L/PR:L/UI:N) confirms network-accessible exploitation requiring only low-privilege authentication, with no public exploit identified at time of analysis. EPSS data not provided; CVE-2026 prefix suggests future disclosure.
Technical ContextAI
Cisco Integrated Management Controller (IMC) provides out-of-band management for Cisco UCS standalone servers and E-series infrastructure. This CWE-77 command injection vulnerability stems from improper input validation in the web-based management interface, allowing attackers to inject shell metacharacters or commands into parameters processed by the underlying operating system. The affected CPE strings identify Cisco Unified Computing System (Standalone) and UCS E-Series Software (UCSE) products. Command injection flaws typically occur when application code passes unsanitized user input directly to system shells via functions like exec(), system(), or popen(), enabling attackers to break out of intended command contexts and execute arbitrary code with the privileges of the web service-in this case, root-level access.
RemediationAI
Consult the official Cisco Security Advisory cisco-sa-cimc-cmd-inj-3hKN3bVt at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-3hKN3bVt for vendor-confirmed patched software versions and upgrade instructions. Patch availability and specific remediated versions are detailed in the advisory but not independently confirmed in provided intelligence data. As interim mitigations, restrict network access to the Cisco IMC web interface using firewall rules or VPNs to limit exposure to trusted management networks, implement strict role-based access controls to minimize accounts with even read-only privileges, and monitor authentication logs for unusual activity from low-privilege accounts accessing administrative functions. Organizations should prioritize upgrades for internet-facing or broadly accessible IMC instances.
Same weakness CWE-77 – Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-17948