cisco-sa-20200102-dcnm-auth-bypass: Cisco Data Center Network Manager Authentication Bypass Vulnerabilities
First published: Thu Jan 02 2020(Updated: )
Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-auth-bypass
Credit: Steven Seeley (mr_me) Source Incite Trend Microfor reporting these vulnerabilities.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Prime Data Center Network Manager (DCNM) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the severity of cisco-sa-20200102-dcnm-auth-bypass?
The severity of cisco-sa-20200102-dcnm-auth-bypass is high due to the potential for an unauthenticated attacker to gain administrative privileges.
How do I fix cisco-sa-20200102-dcnm-auth-bypass?
To fix cisco-sa-20200102-dcnm-auth-bypass, apply the latest security patch provided by Cisco for the Data Center Network Manager.
Which versions of Cisco Data Center Network Manager are affected by cisco-sa-20200102-dcnm-auth-bypass?
Cisco Data Center Network Manager versions prior to the patched release are affected by cisco-sa-20200102-dcnm-auth-bypass.
What type of attacks can cisco-sa-20200102-dcnm-auth-bypass allow?
cisco-sa-20200102-dcnm-auth-bypass allows attackers to bypass authentication and execute arbitrary administrative actions.
Is there a workaround for cisco-sa-20200102-dcnm-auth-bypass?
No official workaround is provided for cisco-sa-20200102-dcnm-auth-bypass; applying the patch is the recommended action.
- agent/type
- agent/event
- agent/last-modified-date
- agent/first-publish-date
- collector/cisco-advisory
- source/Cisco
- agent/author
- agent/weakness
- agent/title
- agent/severity
- agent/references
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco prime data center network manager (dcnm)