CVE-2020-3470

Multiple vulnerabilities in the API subsystem of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to execute arbitrary code with root privileges. The vulnerabilities are due to improper boundary checks for certain user-supplied input. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the API subsystem of an affected system. When this request is processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the underlying operating system (OS).

CVSS v3.0 9.8 CRITICAL
CVSS v2.0 10.0 HIGH

9.8^/10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-api-rce-UXwpeDHd	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:cisco:enterprise_nfv_infrastructure_software:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:enterprise_network_compute_system_5100:-:::::::*
	cpe:2.3:h:cisco:enterprise_network_compute_system_5400:-:::::::*

Configuration 2 (hide)

AND

cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:c125_m5:-:::::::*
	cpe:2.3:h:cisco:c220_m5:-:::::::*
	cpe:2.3:h:cisco:c240_m5:-:::::::*
	cpe:2.3:h:cisco:c480_m5:-:::::::*
	cpe:2.3:h:cisco:c480_ml_m5:-:::::::*

Configuration 3 (hide)

AND

OR	cpe:2.3:a:cisco:integrated_management_controller::::::::
	cpe:2.3:a:cisco:integrated_management_controller::::::::
	cpe:2.3:a:cisco:integrated_management_controller::::::::

OR	cpe:2.3:h:cisco:ucs_c220_m4:-:::::::*
	cpe:2.3:h:cisco:ucs_c460_m4:-:::::::*

Configuration 4 (hide)

AND

cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:ucs_c220_m3:-:::::::*
	cpe:2.3:h:cisco:ucs_c22_m3:-:::::::*
	cpe:2.3:h:cisco:ucs_c240_m3:-:::::::*
	cpe:2.3:h:cisco:ucs_c24_m3:-:::::::*
	cpe:2.3:h:cisco:ucs_c420_m3:-:::::::*

Configuration 5 (hide)

AND

cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:ucs_e-series_m1:-:::::::*
	cpe:2.3:h:cisco:ucs_e-series_m2:-:::::::*
	cpe:2.3:h:cisco:ucs_e-series_m3:-:::::::*

Configuration 6 (hide)

AND

OR	cpe:2.3:a:cisco:integrated_management_controller::::::::
	cpe:2.3:a:cisco:integrated_management_controller::::::::

cpe:2.3:h:cisco:ucs_s3260:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ucs_s3160:-:*:*:*:*:*:*:*

Information

Published : 2020-11-18 11:15

Updated : 2021-08-06 12:06

NVD link : CVE-2020-3470

Mitre link : CVE-2020-3470

JSON object : View

CWE

CWE-20

Improper Input Validation

Products Affected

cisco

ucs_s3260
c480_m5
ucs_c240_m3
enterprise_nfv_infrastructure_software
enterprise_network_compute_system_5100
c125_m5
c220_m5
ucs_c460_m4
ucs_e-series_m2
ucs_c24_m3
enterprise_network_compute_system_5400
c480_ml_m5
integrated_management_controller
ucs_c220_m4
ucs_c420_m3
ucs_s3160
ucs_e-series_m1
ucs_c220_m3
ucs_e-series_m3
c240_m5
ucs_c22_m3

9.8 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

10.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

JSON object

Attach tags to CVE-2020-3470

9.8^/10

10.0^/10

Attach tags to `CVE-2020-3470`