Lucene search
CiscoCISCO-SA-DCNM-SQL-INJ-OAQOOBPHistoryJan 20, 2021 - 4:00 p.m.
Cisco Data Center Network Manager SQL Injection Vulnerabilities
2021-01-2016:00:00
tools.cisco.com
43
cisco
data center
network manager
sql injection
rest api
vulnerabilities
software updates
advisory
EPSS
0.003
Percentile
68.6%
Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device.
For more information about these vulnerabilities, see the Details [“#details”] section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-sql-inj-OAQOObP [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-sql-inj-OAQOObP”]
Affected configurations
Node
ciscodata_center_network_managerMatchany
ORciscodata_center_network_managerMatchany
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | data_center_network_manager | any | cpe:2.3:a:cisco:data_center_network_manager:any:*:*:*:*:*:*:* |
Related
nessus
nessus
prion
prion
Sql injection
2021-01-20 21:15:00
Sql injection
2021-01-20 21:15:00
cvelist
cvelist
nvd
nvd
CVE-2021-1248
2021-01-20 21:15:12
CVE-2021-1247
2021-01-20 21:15:12
cve
cve
CVE-2021-1247
2021-01-20 21:15:12
CVE-2021-1248
2021-01-20 21:15:12