CVE-2026-20093 (GCVE-0-2026-20093)
Vulnerability from cvelistv5
Published
2026-04-01 16:28
Modified
2026-04-02 03:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin.
This vulnerability is due to incorrect handling of password change requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to bypass authentication, alter the passwords of any user on the system, including an Admin user, and gain access to the system as that user.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Enterprise NFV Infrastructure Software |
Version: 4.1.1 Version: 3.9.1 Version: 3.5.2 Version: 3.12.2 Version: 3.6.2 Version: 3.9.2 Version: 3.11.3 Version: 3.11.1 Version: 3.5.1 Version: 3.3.1 Version: 3.10.2 Version: 3.12.1b Version: 3.4.1 Version: 3.12.1a Version: 3.6.3 Version: 3.8.1 Version: 3.11.2 Version: 3.12.1 Version: 3.12.3 Version: 3.10.1 Version: 3.6.1 Version: 3.10.3 Version: 3.7.1 Version: 4.1.2 Version: 4.2.1 Version: 4.2.2 Version: 4.4.1 Version: 4.4.2 Version: 4.5.1 Version: 4.4.3 Version: 4.6.1 Version: 4.7.1 Version: 4.6.2-FC2 Version: 4.6.2-FC3 Version: 4.6.2 Version: 4.8.1 Version: 4.8.2 Version: 4.9.1 Version: 4.6.3 Version: 4.9.2-FC5 Version: 4.9.2 Version: 4.10.1 Version: 4.9.3 Version: 4.11.1 Version: 4.9.4 Version: 4.12.1 Version: 4.6.4 Version: 4.12.2 Version: 4.13.1 Version: 4.9.4-ES8 Version: 4.9.5 Version: 4.12.3 Version: 4.6.5-ES1 Version: 4.9.4-ES9 Version: 4.14.1 Version: 4.6.3-FC4 Version: 4.9.4-FC3 Version: 4.12.4 Version: 4.15.1 Version: 4.9.6 Version: 4.16.1 Version: 4.15.2 Version: 4.12.5 Version: 4.15.3 Version: 4.15.4 Version: 4.18.1 Version: 4.12.6 Version: 4.18.2 Version: 4.18.2a |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20093",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T03:56:12.925Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Enterprise NFV Infrastructure Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "3.5.2"
},
{
"status": "affected",
"version": "3.12.2"
},
{
"status": "affected",
"version": "3.6.2"
},
{
"status": "affected",
"version": "3.9.2"
},
{
"status": "affected",
"version": "3.11.3"
},
{
"status": "affected",
"version": "3.11.1"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.12.1b"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.12.1a"
},
{
"status": "affected",
"version": "3.6.3"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.11.2"
},
{
"status": "affected",
"version": "3.12.1"
},
{
"status": "affected",
"version": "3.12.3"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.6.1"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "4.1.2"
},
{
"status": "affected",
"version": "4.2.1"
},
{
"status": "affected",
"version": "4.2.2"
},
{
"status": "affected",
"version": "4.4.1"
},
{
"status": "affected",
"version": "4.4.2"
},
{
"status": "affected",
"version": "4.5.1"
},
{
"status": "affected",
"version": "4.4.3"
},
{
"status": "affected",
"version": "4.6.1"
},
{
"status": "affected",
"version": "4.7.1"
},
{
"status": "affected",
"version": "4.6.2-FC2"
},
{
"status": "affected",
"version": "4.6.2-FC3"
},
{
"status": "affected",
"version": "4.6.2"
},
{
"status": "affected",
"version": "4.8.1"
},
{
"status": "affected",
"version": "4.8.2"
},
{
"status": "affected",
"version": "4.9.1"
},
{
"status": "affected",
"version": "4.6.3"
},
{
"status": "affected",
"version": "4.9.2-FC5"
},
{
"status": "affected",
"version": "4.9.2"
},
{
"status": "affected",
"version": "4.10.1"
},
{
"status": "affected",
"version": "4.9.3"
},
{
"status": "affected",
"version": "4.11.1"
},
{
"status": "affected",
"version": "4.9.4"
},
{
"status": "affected",
"version": "4.12.1"
},
{
"status": "affected",
"version": "4.6.4"
},
{
"status": "affected",
"version": "4.12.2"
},
{
"status": "affected",
"version": "4.13.1"
},
{
"status": "affected",
"version": "4.9.4-ES8"
},
{
"status": "affected",
"version": "4.9.5"
},
{
"status": "affected",
"version": "4.12.3"
},
{
"status": "affected",
"version": "4.6.5-ES1"
},
{
"status": "affected",
"version": "4.9.4-ES9"
},
{
"status": "affected",
"version": "4.14.1"
},
{
"status": "affected",
"version": "4.6.3-FC4"
},
{
"status": "affected",
"version": "4.9.4-FC3"
},
{
"status": "affected",
"version": "4.12.4"
},
{
"status": "affected",
"version": "4.15.1"
},
{
"status": "affected",
"version": "4.9.6"
},
{
"status": "affected",
"version": "4.16.1"
},
{
"status": "affected",
"version": "4.15.2"
},
{
"status": "affected",
"version": "4.12.5"
},
{
"status": "affected",
"version": "4.15.3"
},
{
"status": "affected",
"version": "4.15.4"
},
{
"status": "affected",
"version": "4.18.1"
},
{
"status": "affected",
"version": "4.12.6"
},
{
"status": "affected",
"version": "4.18.2"
},
{
"status": "affected",
"version": "4.18.2a"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Computing System (Standalone)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0(2g)"
},
{
"status": "affected",
"version": "3.1(2i)"
},
{
"status": "affected",
"version": "3.1(1d)"
},
{
"status": "affected",
"version": "4.0(4i)"
},
{
"status": "affected",
"version": "4.1(1c)"
},
{
"status": "affected",
"version": "4.0(2c)"
},
{
"status": "affected",
"version": "4.0(1e)"
},
{
"status": "affected",
"version": "4.0(2h)"
},
{
"status": "affected",
"version": "4.0(4h)"
},
{
"status": "affected",
"version": "4.0(1h)"
},
{
"status": "affected",
"version": "4.0(2l)"
},
{
"status": "affected",
"version": "3.1(3g)"
},
{
"status": "affected",
"version": "4.0(1.240)"
},
{
"status": "affected",
"version": "4.0(2f)"
},
{
"status": "affected",
"version": "4.0(1g)"
},
{
"status": "affected",
"version": "4.0(2i)"
},
{
"status": "affected",
"version": "3.1(3i)"
},
{
"status": "affected",
"version": "4.0(4d)"
},
{
"status": "affected",
"version": "4.1(1d)"
},
{
"status": "affected",
"version": "3.1(3c)"
},
{
"status": "affected",
"version": "4.0(4k)"
},
{
"status": "affected",
"version": "3.1(2d)"
},
{
"status": "affected",
"version": "3.1(3a)"
},
{
"status": "affected",
"version": "3.1(3j)"
},
{
"status": "affected",
"version": "4.0(2d)"
},
{
"status": "affected",
"version": "4.1(1f)"
},
{
"status": "affected",
"version": "4.0(1c)"
},
{
"status": "affected",
"version": "4.0(4f)"
},
{
"status": "affected",
"version": "4.0(4c)"
},
{
"status": "affected",
"version": "3.1(3d)"
},
{
"status": "affected",
"version": "3.1(2g)"
},
{
"status": "affected",
"version": "3.1(2c)"
},
{
"status": "affected",
"version": "4.0(1d)"
},
{
"status": "affected",
"version": "3.1(2e)"
},
{
"status": "affected",
"version": "4.0(1a)"
},
{
"status": "affected",
"version": "4.0(1b)"
},
{
"status": "affected",
"version": "3.1(3b)"
},
{
"status": "affected",
"version": "4.0(4b)"
},
{
"status": "affected",
"version": "3.1(2b)"
},
{
"status": "affected",
"version": "4.0(4e)"
},
{
"status": "affected",
"version": "3.1(3h)"
},
{
"status": "affected",
"version": "4.0(4l)"
},
{
"status": "affected",
"version": "4.1(1g)"
},
{
"status": "affected",
"version": "4.1(2a)"
},
{
"status": "affected",
"version": "4.0(2n)"
},
{
"status": "affected",
"version": "4.1(1h)"
},
{
"status": "affected",
"version": "3.1(3k)"
},
{
"status": "affected",
"version": "4.1(2b)"
},
{
"status": "affected",
"version": "4.0(2o)"
},
{
"status": "affected",
"version": "4.0(4m)"
},
{
"status": "affected",
"version": "4.1(2d)"
},
{
"status": "affected",
"version": "4.1(3b)"
},
{
"status": "affected",
"version": "4.0(2p)"
},
{
"status": "affected",
"version": "4.1(2e)"
},
{
"status": "affected",
"version": "4.1(2f)"
},
{
"status": "affected",
"version": "4.0(4n)"
},
{
"status": "affected",
"version": "4.0(2q)"
},
{
"status": "affected",
"version": "4.1(3c)"
},
{
"status": "affected",
"version": "4.0(2r)"
},
{
"status": "affected",
"version": "4.1(3d)"
},
{
"status": "affected",
"version": "4.1(2g)"
},
{
"status": "affected",
"version": "4.1(2h)"
},
{
"status": "affected",
"version": "4.1(3f)"
},
{
"status": "affected",
"version": "4.1(2j)"
},
{
"status": "affected",
"version": "4.1(2k)"
},
{
"status": "affected",
"version": "4.1(3h)"
},
{
"status": "affected",
"version": "4.2(2a)"
},
{
"status": "affected",
"version": "4.1(3i)"
},
{
"status": "affected",
"version": "4.2(2f)"
},
{
"status": "affected",
"version": "4.2(2g)"
},
{
"status": "affected",
"version": "4.2(3b)"
},
{
"status": "affected",
"version": "4.1(3l)"
},
{
"status": "affected",
"version": "4.2(3d)"
},
{
"status": "affected",
"version": "4.3(1.230097)"
},
{
"status": "affected",
"version": "4.2(1e)"
},
{
"status": "affected",
"version": "4.2(1b)"
},
{
"status": "affected",
"version": "4.2(1j)"
},
{
"status": "affected",
"version": "4.2(1i)"
},
{
"status": "affected",
"version": "4.2(1f)"
},
{
"status": "affected",
"version": "4.2(1a)"
},
{
"status": "affected",
"version": "4.2(1c)"
},
{
"status": "affected",
"version": "4.2(1g)"
},
{
"status": "affected",
"version": "4.3(1.230124)"
},
{
"status": "affected",
"version": "4.1(2l)"
},
{
"status": "affected",
"version": "4.2(3e)"
},
{
"status": "affected",
"version": "4.3(1.230138)"
},
{
"status": "affected",
"version": "4.2(3g)"
},
{
"status": "affected",
"version": "4.3(2.230207)"
},
{
"status": "affected",
"version": "4.2(3h)"
},
{
"status": "affected",
"version": "4.2(3i)"
},
{
"status": "affected",
"version": "4.3(2.230270)"
},
{
"status": "affected",
"version": "4.1(3m)"
},
{
"status": "affected",
"version": "4.1(2m)"
},
{
"status": "affected",
"version": "4.3(2.240002)"
},
{
"status": "affected",
"version": "4.3(3.240022)"
},
{
"status": "affected",
"version": "4.2(3j)"
},
{
"status": "affected",
"version": "4.1(3n)"
},
{
"status": "affected",
"version": "4.3(2.240009)"
},
{
"status": "affected",
"version": "4.3(3.240043)"
},
{
"status": "affected",
"version": "4.3(4.240142)"
},
{
"status": "affected",
"version": "4.3(2.240037)"
},
{
"status": "affected",
"version": "4.3(2.240053)"
},
{
"status": "affected",
"version": "4.3(4.240152)"
},
{
"status": "affected",
"version": "4.2(3l)"
},
{
"status": "affected",
"version": "4.3(2.240077)"
},
{
"status": "affected",
"version": "4.3(4.242028)"
},
{
"status": "affected",
"version": "4.3(4.241063)"
},
{
"status": "affected",
"version": "4.3(4.242038)"
},
{
"status": "affected",
"version": "4.2(3m)"
},
{
"status": "affected",
"version": "4.3(2.240090)"
},
{
"status": "affected",
"version": "4.3(5.240021)"
},
{
"status": "affected",
"version": "4.3(2.240107)"
},
{
"status": "affected",
"version": "4.3(4.242066)"
},
{
"status": "affected",
"version": "4.2(3n)"
},
{
"status": "affected",
"version": "4.3(5.250001)"
},
{
"status": "affected",
"version": "4.2(3o)"
},
{
"status": "affected",
"version": "4.3(2.250016)"
},
{
"status": "affected",
"version": "4.3(2.250021)"
},
{
"status": "affected",
"version": "4.3(5.250030)"
},
{
"status": "affected",
"version": "4.3(2.250022)"
},
{
"status": "affected",
"version": "4.3(6.250040)"
},
{
"status": "affected",
"version": "4.3(5.250033)"
},
{
"status": "affected",
"version": "4.3(6.250044)"
},
{
"status": "affected",
"version": "4.3(6.250053)"
},
{
"status": "affected",
"version": "4.3(2.250037)"
},
{
"status": "affected",
"version": "4.3(2.250045)"
},
{
"status": "affected",
"version": "4.3(4.252001)"
},
{
"status": "affected",
"version": "4.3(4.252002)"
},
{
"status": "affected",
"version": "6.0(1.250127)"
},
{
"status": "affected",
"version": "4.2(3p)"
},
{
"status": "affected",
"version": "6.0(1.250131)"
},
{
"status": "affected",
"version": "4.3(6.250101)"
},
{
"status": "affected",
"version": "4.3(6.250117)"
},
{
"status": "affected",
"version": "4.3(5.250043)"
},
{
"status": "affected",
"version": "4.3(6.250039)"
},
{
"status": "affected",
"version": "4.3(5.250045)"
},
{
"status": "affected",
"version": "4.3(6.250060)"
},
{
"status": "affected",
"version": "6.0(1.250130)"
},
{
"status": "affected",
"version": "4.3(4.241014)"
},
{
"status": "affected",
"version": "4.3(2.250063)"
},
{
"status": "affected",
"version": "4.3(6.260003)"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Computing System E-Series Software (UCSE)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.2.7"
},
{
"status": "affected",
"version": "3.2.6"
},
{
"status": "affected",
"version": "3.2.4"
},
{
"status": "affected",
"version": "3.2.10"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.2.3"
},
{
"status": "affected",
"version": "2.4.0"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.2.11.1"
},
{
"status": "affected",
"version": "3.2.8"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "2.3.2"
},
{
"status": "affected",
"version": "2.3.5"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "2.4.1"
},
{
"status": "affected",
"version": "2.3.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "2.3.3"
},
{
"status": "affected",
"version": "2.4.2"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "3.2.11.3"
},
{
"status": "affected",
"version": "3.2.11.5"
},
{
"status": "affected",
"version": "3.2.12.2"
},
{
"status": "affected",
"version": "3.2.13.6"
},
{
"status": "affected",
"version": "3.2.14"
},
{
"status": "affected",
"version": "4.11.1"
},
{
"status": "affected",
"version": "3.2.15"
},
{
"status": "affected",
"version": "4.12.1"
},
{
"status": "affected",
"version": "3.2.15.3"
},
{
"status": "affected",
"version": "4.12.2"
},
{
"status": "affected",
"version": "3.2.16.1"
},
{
"status": "affected",
"version": "4.00"
},
{
"status": "affected",
"version": "4.15.2"
},
{
"status": "affected",
"version": "4.02"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as\u0026nbsp;Admin.\r\n\r\nThis vulnerability is due to incorrect handling of password change requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to bypass authentication, alter the passwords of any user on the system, including an\u0026nbsp;Admin user, and gain access to the system as that user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T16:28:38.714Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cimc-auth-bypass-AgG2BxTn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-bypass-AgG2BxTn"
}
],
"source": {
"advisory": "cisco-sa-cimc-auth-bypass-AgG2BxTn",
"defects": [
"CSCwq55659"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Integrated Management Controller Authentication Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20093",
"datePublished": "2026-04-01T16:28:38.714Z",
"dateReserved": "2025-10-08T11:59:15.368Z",
"dateUpdated": "2026-04-02T03:56:12.925Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-20093\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-01T18:16:02.878763Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-01T18:16:05.809Z\"}}], \"cna\": {\"title\": \"Cisco Integrated Management Controller Authentication Bypass Vulnerability\", \"source\": {\"defects\": [\"CSCwq55659\"], \"advisory\": \"cisco-sa-cimc-auth-bypass-AgG2BxTn\", \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Enterprise NFV Infrastructure Software\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.1.1\"}, {\"status\": \"affected\", \"version\": \"3.9.1\"}, {\"status\": \"affected\", \"version\": \"3.5.2\"}, {\"status\": \"affected\", \"version\": \"3.12.2\"}, {\"status\": \"affected\", \"version\": \"3.6.2\"}, {\"status\": \"affected\", \"version\": \"3.9.2\"}, {\"status\": \"affected\", \"version\": \"3.11.3\"}, {\"status\": \"affected\", \"version\": \"3.11.1\"}, {\"status\": \"affected\", \"version\": \"3.5.1\"}, {\"status\": \"affected\", \"version\": \"3.3.1\"}, {\"status\": \"affected\", \"version\": \"3.10.2\"}, {\"status\": \"affected\", \"version\": \"3.12.1b\"}, {\"status\": \"affected\", \"version\": \"3.4.1\"}, {\"status\": \"affected\", \"version\": \"3.12.1a\"}, {\"status\": \"affected\", \"version\": \"3.6.3\"}, {\"status\": \"affected\", \"version\": \"3.8.1\"}, {\"status\": \"affected\", \"version\": \"3.11.2\"}, {\"status\": \"affected\", \"version\": \"3.12.1\"}, {\"status\": \"affected\", \"version\": \"3.12.3\"}, {\"status\": \"affected\", \"version\": \"3.10.1\"}, {\"status\": \"affected\", \"version\": \"3.6.1\"}, {\"status\": \"affected\", \"version\": \"3.10.3\"}, {\"status\": \"affected\", \"version\": \"3.7.1\"}, {\"status\": \"affected\", \"version\": \"4.1.2\"}, {\"status\": \"affected\", \"version\": \"4.2.1\"}, {\"status\": \"affected\", \"version\": \"4.2.2\"}, {\"status\": \"affected\", \"version\": \"4.4.1\"}, {\"status\": \"affected\", \"version\": \"4.4.2\"}, {\"status\": \"affected\", \"version\": \"4.5.1\"}, {\"status\": \"affected\", \"version\": \"4.4.3\"}, {\"status\": \"affected\", \"version\": \"4.6.1\"}, {\"status\": \"affected\", \"version\": \"4.7.1\"}, {\"status\": \"affected\", \"version\": \"4.6.2-FC2\"}, {\"status\": \"affected\", \"version\": \"4.6.2-FC3\"}, {\"status\": \"affected\", \"version\": \"4.6.2\"}, {\"status\": \"affected\", \"version\": \"4.8.1\"}, {\"status\": \"affected\", \"version\": \"4.8.2\"}, {\"status\": \"affected\", \"version\": \"4.9.1\"}, {\"status\": \"affected\", \"version\": \"4.6.3\"}, {\"status\": \"affected\", \"version\": \"4.9.2-FC5\"}, {\"status\": \"affected\", \"version\": \"4.9.2\"}, {\"status\": \"affected\", \"version\": \"4.10.1\"}, {\"status\": \"affected\", \"version\": \"4.9.3\"}, {\"status\": \"affected\", \"version\": \"4.11.1\"}, {\"status\": \"affected\", \"version\": \"4.9.4\"}, {\"status\": \"affected\", \"version\": \"4.12.1\"}, {\"status\": \"affected\", \"version\": \"4.6.4\"}, {\"status\": \"affected\", \"version\": \"4.12.2\"}, {\"status\": \"affected\", \"version\": \"4.13.1\"}, {\"status\": \"affected\", \"version\": \"4.9.4-ES8\"}, {\"status\": \"affected\", \"version\": \"4.9.5\"}, {\"status\": \"affected\", \"version\": \"4.12.3\"}, {\"status\": \"affected\", \"version\": \"4.6.5-ES1\"}, {\"status\": \"affected\", \"version\": \"4.9.4-ES9\"}, {\"status\": \"affected\", \"version\": \"4.14.1\"}, {\"status\": \"affected\", \"version\": \"4.6.3-FC4\"}, {\"status\": \"affected\", \"version\": \"4.9.4-FC3\"}, {\"status\": \"affected\", \"version\": \"4.12.4\"}, {\"status\": \"affected\", \"version\": \"4.15.1\"}, {\"status\": \"affected\", \"version\": \"4.9.6\"}, {\"status\": \"affected\", \"version\": \"4.16.1\"}, {\"status\": \"affected\", \"version\": \"4.15.2\"}, {\"status\": \"affected\", \"version\": \"4.12.5\"}, {\"status\": \"affected\", \"version\": \"4.15.3\"}, {\"status\": \"affected\", \"version\": \"4.15.4\"}, {\"status\": \"affected\", \"version\": \"4.18.1\"}, {\"status\": \"affected\", \"version\": \"4.12.6\"}, {\"status\": \"affected\", \"version\": \"4.18.2\"}, {\"status\": \"affected\", \"version\": \"4.18.2a\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Cisco\", \"product\": \"Cisco Unified Computing System (Standalone)\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.0(2g)\"}, {\"status\": \"affected\", \"version\": \"3.1(2i)\"}, {\"status\": \"affected\", \"version\": \"3.1(1d)\"}, {\"status\": \"affected\", \"version\": \"4.0(4i)\"}, {\"status\": \"affected\", \"version\": \"4.1(1c)\"}, {\"status\": \"affected\", \"version\": \"4.0(2c)\"}, {\"status\": \"affected\", \"version\": \"4.0(1e)\"}, {\"status\": \"affected\", \"version\": \"4.0(2h)\"}, {\"status\": \"affected\", \"version\": \"4.0(4h)\"}, {\"status\": \"affected\", \"version\": \"4.0(1h)\"}, {\"status\": \"affected\", \"version\": \"4.0(2l)\"}, {\"status\": \"affected\", \"version\": \"3.1(3g)\"}, {\"status\": \"affected\", \"version\": \"4.0(1.240)\"}, {\"status\": \"affected\", \"version\": \"4.0(2f)\"}, {\"status\": \"affected\", \"version\": \"4.0(1g)\"}, {\"status\": \"affected\", \"version\": \"4.0(2i)\"}, {\"status\": \"affected\", \"version\": \"3.1(3i)\"}, {\"status\": \"affected\", \"version\": \"4.0(4d)\"}, {\"status\": \"affected\", \"version\": \"4.1(1d)\"}, {\"status\": \"affected\", \"version\": \"3.1(3c)\"}, {\"status\": \"affected\", \"version\": \"4.0(4k)\"}, {\"status\": \"affected\", \"version\": \"3.1(2d)\"}, {\"status\": \"affected\", \"version\": \"3.1(3a)\"}, {\"status\": \"affected\", \"version\": \"3.1(3j)\"}, {\"status\": \"affected\", \"version\": \"4.0(2d)\"}, {\"status\": \"affected\", \"version\": \"4.1(1f)\"}, {\"status\": \"affected\", \"version\": \"4.0(1c)\"}, {\"status\": \"affected\", \"version\": \"4.0(4f)\"}, {\"status\": \"affected\", \"version\": \"4.0(4c)\"}, {\"status\": \"affected\", \"version\": \"3.1(3d)\"}, {\"status\": \"affected\", \"version\": \"3.1(2g)\"}, {\"status\": \"affected\", \"version\": \"3.1(2c)\"}, {\"status\": \"affected\", \"version\": \"4.0(1d)\"}, {\"status\": \"affected\", \"version\": \"3.1(2e)\"}, {\"status\": \"affected\", \"version\": \"4.0(1a)\"}, {\"status\": \"affected\", \"version\": \"4.0(1b)\"}, {\"status\": \"affected\", \"version\": \"3.1(3b)\"}, {\"status\": \"affected\", \"version\": \"4.0(4b)\"}, {\"status\": \"affected\", \"version\": \"3.1(2b)\"}, {\"status\": \"affected\", \"version\": \"4.0(4e)\"}, {\"status\": \"affected\", \"version\": \"3.1(3h)\"}, {\"status\": \"affected\", \"version\": \"4.0(4l)\"}, {\"status\": \"affected\", \"version\": \"4.1(1g)\"}, {\"status\": \"affected\", \"version\": \"4.1(2a)\"}, {\"status\": \"affected\", \"version\": \"4.0(2n)\"}, {\"status\": \"affected\", \"version\": \"4.1(1h)\"}, {\"status\": \"affected\", \"version\": \"3.1(3k)\"}, {\"status\": \"affected\", \"version\": \"4.1(2b)\"}, {\"status\": \"affected\", \"version\": \"4.0(2o)\"}, {\"status\": \"affected\", \"version\": \"4.0(4m)\"}, {\"status\": \"affected\", \"version\": \"4.1(2d)\"}, {\"status\": \"affected\", \"version\": \"4.1(3b)\"}, {\"status\": \"affected\", \"version\": \"4.0(2p)\"}, {\"status\": \"affected\", \"version\": \"4.1(2e)\"}, {\"status\": \"affected\", \"version\": \"4.1(2f)\"}, {\"status\": \"affected\", \"version\": \"4.0(4n)\"}, {\"status\": \"affected\", \"version\": \"4.0(2q)\"}, {\"status\": \"affected\", \"version\": \"4.1(3c)\"}, {\"status\": \"affected\", \"version\": \"4.0(2r)\"}, {\"status\": \"affected\", \"version\": \"4.1(3d)\"}, {\"status\": \"affected\", \"version\": \"4.1(2g)\"}, {\"status\": \"affected\", \"version\": \"4.1(2h)\"}, {\"status\": \"affected\", \"version\": \"4.1(3f)\"}, {\"status\": \"affected\", \"version\": \"4.1(2j)\"}, {\"status\": \"affected\", \"version\": \"4.1(2k)\"}, {\"status\": \"affected\", \"version\": \"4.1(3h)\"}, {\"status\": \"affected\", \"version\": \"4.2(2a)\"}, {\"status\": \"affected\", \"version\": \"4.1(3i)\"}, {\"status\": \"affected\", \"version\": \"4.2(2f)\"}, {\"status\": \"affected\", \"version\": \"4.2(2g)\"}, {\"status\": \"affected\", \"version\": \"4.2(3b)\"}, {\"status\": \"affected\", \"version\": \"4.1(3l)\"}, {\"status\": \"affected\", \"version\": \"4.2(3d)\"}, {\"status\": \"affected\", \"version\": \"4.3(1.230097)\"}, {\"status\": \"affected\", \"version\": \"4.2(1e)\"}, {\"status\": \"affected\", \"version\": \"4.2(1b)\"}, {\"status\": \"affected\", \"version\": \"4.2(1j)\"}, {\"status\": \"affected\", \"version\": \"4.2(1i)\"}, {\"status\": \"affected\", \"version\": \"4.2(1f)\"}, {\"status\": \"affected\", \"version\": \"4.2(1a)\"}, {\"status\": \"affected\", \"version\": \"4.2(1c)\"}, {\"status\": \"affected\", \"version\": \"4.2(1g)\"}, {\"status\": \"affected\", \"version\": \"4.3(1.230124)\"}, {\"status\": \"affected\", \"version\": \"4.1(2l)\"}, {\"status\": \"affected\", \"version\": \"4.2(3e)\"}, {\"status\": \"affected\", \"version\": \"4.3(1.230138)\"}, {\"status\": \"affected\", \"version\": \"4.2(3g)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.230207)\"}, {\"status\": \"affected\", \"version\": \"4.2(3h)\"}, {\"status\": \"affected\", \"version\": \"4.2(3i)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.230270)\"}, {\"status\": \"affected\", \"version\": \"4.1(3m)\"}, {\"status\": \"affected\", \"version\": \"4.1(2m)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.240002)\"}, {\"status\": \"affected\", \"version\": \"4.3(3.240022)\"}, {\"status\": \"affected\", \"version\": \"4.2(3j)\"}, {\"status\": \"affected\", \"version\": \"4.1(3n)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.240009)\"}, {\"status\": \"affected\", \"version\": \"4.3(3.240043)\"}, {\"status\": \"affected\", \"version\": \"4.3(4.240142)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.240037)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.240053)\"}, {\"status\": \"affected\", \"version\": \"4.3(4.240152)\"}, {\"status\": \"affected\", \"version\": \"4.2(3l)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.240077)\"}, {\"status\": \"affected\", \"version\": \"4.3(4.242028)\"}, {\"status\": \"affected\", \"version\": \"4.3(4.241063)\"}, {\"status\": \"affected\", \"version\": \"4.3(4.242038)\"}, {\"status\": \"affected\", \"version\": \"4.2(3m)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.240090)\"}, {\"status\": \"affected\", \"version\": \"4.3(5.240021)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.240107)\"}, {\"status\": \"affected\", \"version\": \"4.3(4.242066)\"}, {\"status\": \"affected\", \"version\": \"4.2(3n)\"}, {\"status\": \"affected\", \"version\": \"4.3(5.250001)\"}, {\"status\": \"affected\", \"version\": \"4.2(3o)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.250016)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.250021)\"}, {\"status\": \"affected\", \"version\": \"4.3(5.250030)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.250022)\"}, {\"status\": \"affected\", \"version\": \"4.3(6.250040)\"}, {\"status\": \"affected\", \"version\": \"4.3(5.250033)\"}, {\"status\": \"affected\", \"version\": \"4.3(6.250044)\"}, {\"status\": \"affected\", \"version\": \"4.3(6.250053)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.250037)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.250045)\"}, {\"status\": \"affected\", \"version\": \"4.3(4.252001)\"}, {\"status\": \"affected\", \"version\": \"4.3(4.252002)\"}, {\"status\": \"affected\", \"version\": \"6.0(1.250127)\"}, {\"status\": \"affected\", \"version\": \"4.2(3p)\"}, {\"status\": \"affected\", \"version\": \"6.0(1.250131)\"}, {\"status\": \"affected\", \"version\": \"4.3(6.250101)\"}, {\"status\": \"affected\", \"version\": \"4.3(6.250117)\"}, {\"status\": \"affected\", \"version\": \"4.3(5.250043)\"}, {\"status\": \"affected\", \"version\": \"4.3(6.250039)\"}, {\"status\": \"affected\", \"version\": \"4.3(5.250045)\"}, {\"status\": \"affected\", \"version\": \"4.3(6.250060)\"}, {\"status\": \"affected\", \"version\": \"6.0(1.250130)\"}, {\"status\": \"affected\", \"version\": \"4.3(4.241014)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.250063)\"}, {\"status\": \"affected\", \"version\": \"4.3(6.260003)\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Cisco\", \"product\": \"Cisco Unified Computing System E-Series Software (UCSE)\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.2.7\"}, {\"status\": \"affected\", \"version\": \"3.2.6\"}, {\"status\": \"affected\", \"version\": \"3.2.4\"}, {\"status\": \"affected\", \"version\": \"3.2.10\"}, {\"status\": \"affected\", \"version\": \"3.2.2\"}, {\"status\": \"affected\", \"version\": \"3.2.3\"}, {\"status\": \"affected\", \"version\": \"2.4.0\"}, {\"status\": \"affected\", \"version\": \"3.2.1\"}, {\"status\": \"affected\", \"version\": \"3.2.11.1\"}, {\"status\": \"affected\", \"version\": \"3.2.8\"}, {\"status\": \"affected\", \"version\": \"3.1.1\"}, {\"status\": \"affected\", \"version\": \"3.0.2\"}, {\"status\": \"affected\", \"version\": \"2.1.0\"}, {\"status\": \"affected\", \"version\": \"2.2.2\"}, {\"status\": \"affected\", \"version\": \"3.1.2\"}, {\"status\": \"affected\", \"version\": \"3.0.1\"}, {\"status\": \"affected\", \"version\": \"2.3.2\"}, {\"status\": \"affected\", \"version\": \"2.3.5\"}, {\"status\": \"affected\", \"version\": \"2.2.1\"}, {\"status\": \"affected\", \"version\": \"3.1.4\"}, {\"status\": \"affected\", \"version\": \"2.4.1\"}, {\"status\": \"affected\", \"version\": \"2.3.1\"}, {\"status\": \"affected\", \"version\": \"3.1.3\"}, {\"status\": \"affected\", \"version\": \"2.3.3\"}, {\"status\": \"affected\", \"version\": \"2.4.2\"}, {\"status\": \"affected\", \"version\": \"3.1.5\"}, {\"status\": \"affected\", \"version\": \"3.1.0\"}, {\"status\": \"affected\", \"version\": \"2.0.0\"}, {\"status\": \"affected\", \"version\": \"3.2.11.3\"}, {\"status\": \"affected\", \"version\": \"3.2.11.5\"}, {\"status\": \"affected\", \"version\": \"3.2.12.2\"}, {\"status\": \"affected\", \"version\": \"3.2.13.6\"}, {\"status\": \"affected\", \"version\": \"3.2.14\"}, {\"status\": \"affected\", \"version\": \"4.11.1\"}, {\"status\": \"affected\", \"version\": \"3.2.15\"}, {\"status\": \"affected\", \"version\": \"4.12.1\"}, {\"status\": \"affected\", \"version\": \"3.2.15.3\"}, {\"status\": \"affected\", \"version\": \"4.12.2\"}, {\"status\": \"affected\", \"version\": \"3.2.16.1\"}, {\"status\": \"affected\", \"version\": \"4.00\"}, {\"status\": \"affected\", \"version\": \"4.15.2\"}, {\"status\": \"affected\", \"version\": \"4.02\"}], \"defaultStatus\": \"unknown\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-bypass-AgG2BxTn\", \"name\": \"cisco-sa-cimc-auth-bypass-AgG2BxTn\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as\u0026nbsp;Admin.\\r\\n\\r\\nThis vulnerability is due to incorrect handling of password change requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to bypass authentication, alter the passwords of any user on the system, including an\u0026nbsp;Admin user, and gain access to the system as that user.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-20\", \"description\": \"Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2026-04-01T16:28:38.714Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-20093\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-02T03:56:12.925Z\", \"dateReserved\": \"2025-10-08T11:59:15.368Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2026-04-01T16:28:38.714Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…