PT-2020-30: Multiple code execution in Cisco Integrated Management Controller (CIMC) Cisco Integrated Management Controller (CIMC)Severity:Severity level: High Impact: Multiple code execution in Cisco Integrated Management Controller (CIMC) Access Vector: Remote CVSS v3.1 Base Score: 9,8 Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X) CVE-2020-3470Vulnerability description:The vulnerabilities are caused by incorrect bounds checking when handling certain user data.Advisory status: 11.04.2020 - Vendor notification date 18.11.2020 - Security advisory publication date (https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-ucs-api-rce-UXwpeDHd.html) Credits:The vulnerability was discovered by Nikita Abramov, Positive Research Center (Positive Technologies Company)