9.8
CVE-2026-20093
cis · integrated management controller (imc)

Cisco Integrated Management Controller Authentication Bypass Vulnerability

Description

A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of password change requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to bypass authentication, alter the passwords of any user on the system, including an Admin user, and gain access to the system as that user.

Affected Products

Vendor: cis
Product: integrated management controller (imc)
Versions: 4.1.1, 3.9.1, 3.5.2, 3.12.2, 3.6.2, 3.9.2, 3.11.3, 3.11.1, 3.5.1, 3.3.1, 3.10.2, 3.12.1b, 3.4.1, 3.12.1a, 3.6.3, 3.8.1, 3.11.2, 3.12.1, 3.12.3, 3.10.1, 3.6.1, 3.10.3, 3.7.1, 4.1.2, 4.2.1, 4.2.2, 4.4.1, 4.4.2, 4.5.1, 4.4.3, 4.6.1, 4.7.1, 4.6.2-FC2, 4.6.2-FC3, 4.6.2, 4.8.1, 4.8.2, 4.9.1, 4.6.3, 4.9.2-FC5, 4.9.2, 4.10.1, 4.9.3, 4.11.1, 4.9.4, 4.12.1, 4.6.4, 4.12.2, 4.13.1, 4.9.4-ES8, 4.9.5, 4.12.3, 4.6.5-ES1, 4.9.4-ES9, 4.14.1, 4.6.3-FC4, 4.9.4-FC3, 4.12.4, 4.15.1, 4.9.6, 4.16.1, 4.15.2, 4.12.5, 4.15.3, 4.15.4, 4.18.1, 4.12.6, 4.18.2, 4.18.2a, 4.0(2g), 3.1(2i), 3.1(1d), 4.0(4i), 4.1(1c), 4.0(2c), 4.0(1e), 4.0(2h), 4.0(4h), 4.0(1h), 4.0(2l), 3.1(3g), 4.0(1.240), 4.0(2f), 4.0(1g), 4.0(2i), 3.1(3i), 4.0(4d), 4.1(1d), 3.1(3c), 4.0(4k), 3.1(2d), 3.1(3a), 3.1(3j), 4.0(2d), 4.1(1f), 4.0(1c), 4.0(4f), 4.0(4c), 3.1(3d), 3.1(2g), 3.1(2c), 4.0(1d), 3.1(2e), 4.0(1a), 4.0(1b), 3.1(3b), 4.0(4b), 3.1(2b), 4.0(4e), 3.1(3h), 4.0(4l), 4.1(1g), 4.1(2a), 4.0(2n), 4.1(1h), 3.1(3k), 4.1(2b), 4.0(2o), 4.0(4m), 4.1(2d), 4.1(3b), 4.0(2p), 4.1(2e), 4.1(2f), 4.0(4n), 4.0(2q), 4.1(3c), 4.0(2r), 4.1(3d), 4.1(2g), 4.1(2h), 4.1(3f), 4.1(2j), 4.1(2k), 4.1(3h), 4.2(2a), 4.1(3i), 4.2(2f), 4.2(2g), 4.2(3b), 4.1(3l), 4.2(3d), 4.3(1.230097), 4.2(1e), 4.2(1b), 4.2(1j), 4.2(1i), 4.2(1f), 4.2(1a), 4.2(1c), 4.2(1g), 4.3(1.230124), 4.1(2l), 4.2(3e), 4.3(1.230138), 4.2(3g), 4.3(2.230207), 4.2(3h), 4.2(3i), 4.3(2.230270), 4.1(3m), 4.1(2m), 4.3(2.240002), 4.3(3.240022), 4.2(3j), 4.1(3n), 4.3(2.240009), 4.3(3.240043), 4.3(4.240142), 4.3(2.240037), 4.3(2.240053), 4.3(4.240152), 4.2(3l), 4.3(2.240077), 4.3(4.242028), 4.3(4.241063), 4.3(4.242038), 4.2(3m), 4.3(2.240090), 4.3(5.240021), 4.3(2.240107), 4.3(4.242066), 4.2(3n), 4.3(5.250001), 4.2(3o), 4.3(2.250016), 4.3(2.250021), 4.3(5.250030), 4.3(2.250022), 4.3(6.250040), 4.3(5.250033), 4.3(6.250044), 4.3(6.250053), 4.3(2.250037), 4.3(2.250045), 4.3(4.252001), 4.3(4.252002), 6.0(1.250127), 4.2(3p), 6.0(1.250131), 4.3(6.250101), 4.3(6.250117), 4.3(5.250043), 4.3(6.250039), 4.3(5.250045), 4.3(6.250060), 6.0(1.250130), 4.3(4.241014), 4.3(2.250063), 4.3(6.260003), 3.2.7, 3.2.6, 3.2.4, 3.2.10, 3.2.2, 3.2.3, 2.4.0, 3.2.1, 3.2.11.1, 3.2.8, 3.1.1, 3.0.2, 2.1.0, 2.2.2, 3.1.2, 3.0.1, 2.3.2, 2.3.5, 2.2.1, 3.1.4, 2.4.1, 2.3.1, 3.1.3, 2.3.3, 2.4.2, 3.1.5, 3.1.0, 2.0.0, 3.2.11.3, 3.2.11.5, 3.2.12.2, 3.2.13.6, 3.2.14, 4.11.1, 3.2.15, 4.12.1, 3.2.15.3, 4.12.2, 3.2.16.1, 4.00, 4.15.2, 4.02

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor: cis
Product: integrated management
Source: cert_advisory
Confidence: 90%

References

  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-bypass-AgG2BxTn

Related News (4 articles)

Tier B
BSI Advisories · 3h ago
[NEW] [high] Cisco Integrated Management Controller: Multiple Vulnerabilities
→ No new info (linked only)
Tier D
Heise Security · 5h ago
Cisco patches partly critical vulnerabilities in several products
→ No new info (linked only)
Tier C
VulDB · 18h ago
CVE-2026-20093 | Cisco Enterprise NFV Infrastructure Software Password improper authentication (cisco-sa-cimc-auth-bypass-AgG2BxTn)
→ No new info (linked only)
Tier A
Cisco Security · 19h ago
Cisco Integrated Management Controller Authentication Bypass Vulnerability
→ No new info (linked only)
CVSS 3.1: 9.8 CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA KEV: ❌ No
Actively exploited: ❌ No
CWE: CWE-20
Published: Apr 1, 2026
Last enriched: 14h ago (v2)
Trending Score: 64
Source articles: 4
Independent: 4
Info Completeness: 7/14
Missing: versions, epss, kev, exploit, patch, iocs, mitre_attack

Related CVEs (5)

CRITICAL · CVE-2026-20160
Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability
Trending: 59
HIGH · CVE-2026-20094
Cisco Integrated Management Controller Command Injection Vulnerability
Trending: 51
MEDIUM · CVE-2026-20095
Cisco Integrated Management Controller Command Injection Vulnerability
Trending: 47
MEDIUM · CVE-2026-20097
Cisco Integrated Management Controller Remote Code Execution Vulnerability
Trending: 47
MEDIUM · CVE-2026-20096
Cisco Integrated Management Controller Command Injection Vulnerability
Trending: 47

Verification

State: verified
Confidence: 100%

Vulnerability Timeline

CVE Published
Apr 1, 2026
Discovered by ZDM
Apr 1, 2026
Updated: vendor, product
Apr 1, 2026

Version History

v2
Last enriched 14h ago
v2 · Tier C · 14h ago

Added vendor and product information, and updated exploit availability and active exploitation status.

Changed fields: vendor, product
via VulDB
v1 · 16h ago

Initial creation