Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting (XSS) attack against a user of the affected software.
For more information about these vulnerabilities, see the βDetailsβ section of this security advisory.
There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-dcnm [βhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-dcnmβ]
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | prime_data_center_network_manager | any | cpe:2.3:a:cisco:prime_data_center_network_manager:any:*:*:*:*:*:*:* |