First published: Wed Jan 20 2021(Updated: )
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-authbypass-OHBPbxu
Credit: These vulnerabilities were found during internal security testing.
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Prime Data Center Network Manager (DCNM) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of cisco-sa-dcnm-authbypass-OHBPbxu is considered critical due to potential unauthorized access.
To fix cisco-sa-dcnm-authbypass-OHBPbxu, apply the latest security updates provided by Cisco for DCNM.
With cisco-sa-dcnm-authbypass-OHBPbxu, an attacker can view, modify, and delete data within the management interface.
Organizations using Cisco Data Center Network Manager (DCNM) are affected by cisco-sa-dcnm-authbypass-OHBPbxu.
Yes, an authenticated user can exploit cisco-sa-dcnm-authbypass-OHBPbxu to bypass authorization controls.