Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-20180516-DNA2
HistoryMay 16, 2018 - 4:00 p.m.

Cisco Digital Network Architecture Center Authentication Bypass Vulnerability

2018-05-1616:00:00
tools.cisco.com
20

0.004 Low

EPSS

Percentile

73.2%

JSON

A vulnerability in the API gateway of the Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and access critical services.

The vulnerability is due to a failure to normalize URLs prior to servicing requests. An attacker could exploit this vulnerability by submitting a crafted URL designed to exploit the issue. A successful exploit could allow the attacker to gain unauthenticated access to critical services, resulting in elevated privileges in DNA Center.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-dna2 [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-dna2”]

Affected configurations

Vulners
Node
ciscodigital_network_architecture_centerMatchany
OR
ciscodigital_network_architecture_centerMatchany

Related

prion 1
cvelist 1
nvd 1
cve 1
threatpost 1
prion
prion
Authentication flaw
2018-05-17 03:29:00
cvelist
cvelist
CVE-2018-0271
2018-05-17 03:00:00
nvd
nvd
CVE-2018-0271
2018-05-17 03:29:00
cve
cve
CVE-2018-0271
2018-05-17 03:29:00
threatpost
threatpost
Cisco Warns of Three Critical Bugs in Digital Network Architecture Platform
2018-05-17 16:16:56

0.004 Low

EPSS

Percentile

73.2%

JSON
Related for CISCO-SA-20180516-DNA2
prion1cvelist1nvd1cve1threatpost1