THREATOPS
THREAT OPSThreat News › Cisco Integrated Management Controller Authentication Bypass Vulnerability

Cisco Integrated Management Controller Authentication Bypass Vulnerability

lowcisco_psirtPublished 2026-04-01

<p>A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as&nbsp;<em>Admin</em>.</p> <p>This vulnerability is due to incorrect handling of password change requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an

Indicators of compromise

Original source: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-bypass-AgG2BxTn?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Integrated%20Management%20Controller%20Authentication%20Bypass%20Vulnerability%26vs_k=1