Lucene search

K

Cisco Data Center Network Manager Security Vulnerabilities

cve
cve

CVE-2019-15983

A vulnerability in the SOAP API of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. To exploit this vulnerability, an attacker would need administrative privileges on the DCNM...

4.9CVSS

5.3AI Score

0.003EPSS

2020-01-06 08:15 AM
22
cve
cve

CVE-2019-15978

Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system (OS). For more information...

7.2CVSS

7.2AI Score

0.134EPSS

2020-01-06 08:15 AM
48
cve
cve

CVE-2019-15977

Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more information about these...

7.5CVSS

7.6AI Score

0.967EPSS

2020-01-06 08:15 AM
77
cve
cve

CVE-2019-15975

Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more information about these...

9.8CVSS

9.8AI Score

0.496EPSS

2020-01-06 08:15 AM
57
cve
cve

CVE-2019-15976

Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more information about these...

9.8CVSS

9.8AI Score

0.967EPSS

2020-01-06 08:15 AM
60
cve
cve

CVE-2019-1621

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to gain access to sensitive files on an affected device. The vulnerability is due to incorrect permissions settings on affected DCNM software. An...

7.5CVSS

7.7AI Score

0.012EPSS

2019-06-27 03:15 AM
79
cve
cve

CVE-2019-1622

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to retrieve sensitive information from an affected device. The vulnerability is due to improper access controls for certain URLs on affected DCNM...

5.3CVSS

6.9AI Score

0.744EPSS

2019-06-27 03:15 AM
110
cve
cve

CVE-2019-1619

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper...

9.8CVSS

9.8AI Score

0.415EPSS

2019-06-27 03:15 AM
111
cve
cve

CVE-2019-1620

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to upload arbitrary files on an affected device. The vulnerability is due to incorrect permission settings in affected DCNM software. An attacker could.....

9.8CVSS

9.4AI Score

0.58EPSS

2019-06-27 03:15 AM
92
cve
cve

CVE-2018-0464

A vulnerability in Cisco Data Center Network Manager software could allow an authenticated, remote attacker to conduct directory traversal attacks and gain access to sensitive files on the targeted system. The vulnerability is due to improper validation of user requests within the management...

8.1CVSS

8AI Score

0.018EPSS

2018-10-05 04:29 PM
23
cve
cve

CVE-2018-0450

A vulnerability in the web-based management interface of Cisco Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the management interface on an affected device. The vulnerability is due to insufficient...

6.1CVSS

5.9AI Score

0.001EPSS

2018-10-05 02:29 PM
18
cve
cve

CVE-2018-0440

A vulnerability in the web interface of Cisco Data Center Network Manager could allow an authenticated application administrator to execute commands on the underlying operating system with root-level privileges. The vulnerability is due to incomplete input validation of user input within an HTTP...

7.2CVSS

7.1AI Score

0.001EPSS

2018-10-05 02:29 PM
24
cve
cve

CVE-2018-0258

A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to any directory of a vulnerable device (aka Path Traversal) and execute those files. This vulnerability affects the following products: Cisco Prime Data....

9.8CVSS

9.4AI Score

0.004EPSS

2018-05-02 10:29 PM
28
cve
cve

CVE-2018-0144

A vulnerability in the web-based management interface of Cisco Prime Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

6.1CVSS

5.9AI Score

0.001EPSS

2018-03-08 07:29 AM
25
cve
cve

CVE-2018-0210

A vulnerability in the web-based management interface of Cisco Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF...

8.8CVSS

9AI Score

0.002EPSS

2018-03-08 07:29 AM
28
cve
cve

CVE-2017-12345

Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site...

4.7CVSS

4.7AI Score

0.001EPSS

2017-11-30 09:29 AM
25
cve
cve

CVE-2017-12346

Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site...

6.1CVSS

6AI Score

0.001EPSS

2017-11-30 09:29 AM
24
cve
cve

CVE-2017-12347

Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site...

6.1CVSS

6AI Score

0.001EPSS

2017-11-30 09:29 AM
22
cve
cve

CVE-2017-12343

Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site...

8.8CVSS

7.7AI Score

0.002EPSS

2017-11-30 09:29 AM
24
cve
cve

CVE-2017-12344

Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site...

6.1CVSS

6AI Score

0.001EPSS

2017-11-30 09:29 AM
23
cve
cve

CVE-2017-6639

A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to access sensitive information or execute arbitrary code with root privileges on an affected system. The vulnerability is due to.....

9.8CVSS

9.6AI Score

0.861EPSS

2017-06-08 01:29 PM
27
cve
cve

CVE-2017-6640

A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an unauthenticated, remote attacker to log in to the administrative console of a DCNM server by using an account that has a default, static password. The account could be granted root- or system-level...

9.8CVSS

9.4AI Score

0.004EPSS

2017-06-08 01:29 PM
32
Total number of security vulnerabilities72