Lucene search
PRIOn knowledge basePRION:CVE-2021-34782HistoryOct 06, 2021 - 8:15 p.m.
Improper access control
2021-10-0620:15:00
PRIOn knowledge base
www.prio-n.com
8
A vulnerability in the API endpoints for Cisco DNA Center could allow an authenticated, remote attacker to gain access to sensitive information that should be restricted. The attacker must have valid device credentials. This vulnerability is due to improper access controls on API endpoints. An attacker could exploit the vulnerability by sending a specific API request to an affected application. A successful exploit could allow the attacker to obtain sensitive information about other users who are configured with higher privileges on the application.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dna_center | lt | 2.2.2.5 | |
| dna_center | ge | 2.2.3.0 | |
| dna_center | lt | 2.2.3.3 |
Related
cve
cve
CVE-2021-34782
2021-10-06 20:15:18
cvelist
cvelist
CVE-2021-34782 Cisco DNA Center Information Disclosure Vulnerability
2021-10-06 00:00:00
nvd
nvd
CVE-2021-34782
2021-10-06 20:15:18
cisco
cisco
Cisco DNA Center Information Disclosure Vulnerability
2021-10-06 16:00:00