Cisco Data Center Network Manager is prone to an authentication-bypass vulnerability.
An attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions with administrative privileges. This may lead to further attacks.
This issue is being tracked by Cisco bug ID CSCvo64641.
Cisco Data Center Network Manager (DCNM) software versions prior to 11.1(1) are vulnerable.
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
| Bugtraq ID: | 108902 |
| Class: | Design Error |
| CVE: | CVE-2019-1619 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 26 2019 12:00AM |
| Updated: | Jun 26 2019 12:00AM |
| Credit: | Pedro Ribeiro. |
| Vulnerable: | Cisco Data Center Network Manager 11.0(1) Cisco Data Center Network Manager 10.4(2) Cisco Data Center Network Manager 10.4(1) Cisco Data Center Network Manager 10.3(1) Cisco Data Center Network Manager 10.2(1) Cisco Data Center Network Manager 10.1(1) Cisco Data Center Network Manager 10.0(1) |
| Not Vulnerable: | Cisco Data Center Network Manager 11.1(1) |
References:
from SecurityFocus Vulnerabilities https://ift.tt/2J6MiIe
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.