CVE-2018-0269

A vulnerability in the web framework of the Cisco Digital Network Architecture Center DNA Center could allow an unauthenticated, remote attacker to communicate with the Kong API server without restriction. The vulnerability is due to an overly permissive Cross Origin Resource Sharing CORS policy...

CVE-2018-0269

Cisco DNA Center suffers an information-disclosure/unauthenticated-access risk due to an overly permissive CORS policy in its web framework, allowing a remote attacker to communicate with the Kong API server after deceiving a user with a malicious link. The issue is tied to DNA Center’s web API e...