Lucene search

K
ciscoCiscoCISCO-SA-DCNM-XSS-VULNS-GUUJ39GH
HistoryJan 20, 2021 - 4:00 p.m.

Cisco Data Center Network Manager Vulnerabilities

2021-01-2016:00:00
tools.cisco.com
54
cisco data center network manager
web-based management interface
vulnerabilities
software updates
cross-site scripting
reflected file download

EPSS

0.002

Percentile

54.1%

Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow a remote attacker with network-operator privileges to conduct a cross-site scripting (XSS) attack or a reflected file download (RFD) attack against a user of the interface.

For more information about these vulnerabilities, see the Details [“#details”] section of this advisory.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-xss-vulns-GuUJ39gh [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-xss-vulns-GuUJ39gh”]

Affected configurations

Vulners
Node
ciscodata_center_network_managerMatchany
OR
ciscodata_center_network_managerMatchany
VendorProductVersionCPE
ciscodata_center_network_manageranycpe:2.3:a:cisco:data_center_network_manager:any:*:*:*:*:*:*:*

EPSS

0.002

Percentile

54.1%

Related for CISCO-SA-DCNM-XSS-VULNS-GUUJ39GH