Cisco Data Center Network Manager Arbitrary File Download Vulnerability

According to its self-reported version, Cisco Data Center Network Manager is affected by an arbitrary file download vulnerability in the web-based management interface. An unauthenticated, remote attacker can exploit this, to download arbitrary files and disclose sensitive information. Please see...

Design/Logic Flaw

A vulnerability in the role-based access control RBAC functionality of Cisco Prime Data Center Network Manager DCNM could allow an unauthenticated, remote attacker to access sensitive information or execute arbitrary code with root privileges on an affected system. The vulnerability is due to the...

CVE-2017-6640

A vulnerability in Cisco Prime Data Center Network Manager DCNM Software could allow an unauthenticated, remote attacker to log in to the administrative console of a DCNM server by using an account that has a default, static password. The account could be granted root- or system-level privileges...

CVE-2017-6639

A vulnerability in the role-based access control RBAC functionality of Cisco Prime Data Center Network Manager DCNM could allow an unauthenticated, remote attacker to access sensitive information or execute arbitrary code with root privileges on an affected system. The vulnerability is due to the...

Cisco Prime Data Center Network Manager < 7.1(1) Directory Traversal Vulnerability

According to its self-reported version number, the Cisco Prime Data Center Network Manager DCNM installed on the remote host is affected by a directory traversal vulnerability in the fmserver servlet due to improper validation of user-supplied information. An unauthenticated, remote attacker, usi...

Directory traversal

Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager DCNM before 7.11 allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241...

CVE-2015-0666

Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager DCNM before 7.11 allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241...

Cisco Prime Data Center Network Manager 6.x XSS (credentialed check)

According to its self-reported version number, the version of Cisco Prime Data Center Network Manager DCNM installed on the remote host is affected by a cross-site scripting vulnerability due to insufficient validation of input parameters by its web server component. Using a specially crafted URL...

CVE-2014-3329

Cross-site scripting XSS vulnerability in the web-server component in Cisco Prime Data Center Network Manager DCNM 6.32 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum86620...

CVE-2014-3329

Cisco Prime Data Center Network Manager (DCNM) 6.x (including 6.3(2) and earlier) is affected by a cross-site scripting (XSS) vulnerability in the DCNM web-server component. The root cause is insufficient validation of input parameters, which allows a remote attacker to inject arbitrary web scrip...

CVE-2013-5490

Cisco Prime Data Center Network Manager DCNM before 6.21 allows remote attackers to read arbitrary text files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue, aka Bug ID CSCud80148...

Xxe

Cisco Prime Data Center Network Manager DCNM before 6.21 allows remote attackers to read arbitrary text files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue, aka Bug ID CSCud80148...

Cisco Releases Security Advisory for Cisco Prime Data Center Network Manager (DCNM)

Cisco has released three security advisories to address multiple vulnerabilities affecting various components of Cisco Prime Data Center Network Manager DCNM. These vulnerabilities may allow an unauthenticated, remote attacker to disclose file components and access text files on an affected devic...

Multiple Vulnerabilities in Cisco Prime Data Center Network Manager

Cisco Prime Data Center Network Manager DCNM contains multiple vulnerabilities that could allow an unauthenticated, remote attacker to disclose file components, and access text files on an affected device. Various components of Cisco Prime DCNM are affected. These vulnerabilities can be exploited...

Cisco Prime Data Center Network Manager RMI Remote Code Execution (credentialed check)

According to its self-reported version number, the version of Cisco Prime Data Center Network Manager DCNM installed on the remote host is affected by a remote code execution vulnerability. Unauthorized users have access to the JBoss Application Server Remote Method Invocation services. A remote,...

Design/Logic Flaw

Cisco Prime Data Center Network Manager DCNM before 6.11 does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands via JBoss Application Server Remote Method Invocation RMI services, aka Bug ID CSCtz44924...

CVE-2012-5417

Cisco Prime Data Center Network Manager DCNM before 6.11 does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands via JBoss Application Server Remote Method Invocation RMI services, aka Bug ID CSCtz44924...