A vulnerability in Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to make the IMC IP interface inaccessible.

The vulnerability is due to incomplete sanitization of input for certain parameters.

An attacker could exploit this vulnerability by sending a crafted HTTP request to the IMC.

A successful exploit could allow the attacker to cause the IMC to become inaccessible via the IP interface, resulting in a denial of service (DoS) condition.

There are workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151211-imc
A vulnerability in Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to make the IMC IP interface inaccessible.

The vulnerability is due to incomplete sanitization of input for certain parameters.

An attacker could exploit this vulnerability by sending a crafted HTTP request to the IMC.

A successful exploit could allow the attacker to cause the IMC to become inaccessible via the IP interface, resulting in a denial of service (DoS) condition.

There are workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151211-imc

Security Impact Rating: Medium

CVE: CVE-2015-6399

Leave a Reply