First published: Wed Jan 20 2021(Updated: )
Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Data Center Network Manager | <11.4\(1\) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2021-1255.
The severity of CVE-2021-1255 is medium, with a CVSS score of 5.4.
The affected software is Cisco Data Center Network Manager up to version 11.4(1).
An authenticated remote attacker can exploit CVE-2021-1255 to view, modify, and delete data without proper authorization through the Cisco Data Center Network Manager REST API endpoint.
You can find more information about CVE-2021-1255 in the Cisco Security Advisory at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-api-path-TpTApx2p