Multiple vulnerabilities in Cisco Integrated Management Controller

CERT-LatestNews ThreatsCybercrime ThreatsEconomic VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesCisco VulnerabilitiesNetwork

1) OS Command Injection. Severity: Medium. CVSSv3: [PCI] CVE-ID: CVE-2019-1850. CWE-ID: Description. CWE-78 – Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.