| VID |
210201 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system (OS).
* References:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-comm-inject
* Platforms Affected:
Cisco Data Center Network Manager (DCNM) 11.3 before |
| Recommendation |
Upgrade Cisco Data Center Network Manager (DCNM) to 11.3 later |
| Related URL |
CVE-2019-15979 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
