Lucene search

CiscoCVE-2019-15976

HistoryJan 06, 2020 - 8:15 a.m.

CVE-2019-15976

2020-01-0608:15:10

CWE-798

cisco

web.nvd.nist.gov

cisco

dcnm

cve-2019-15976

authentication

vulnerabilities

remote attacker

administrative privileges

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.967

Percentile

99.6%

JSON

Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Affected configurations

Nvd

Node

ciscodata_center_network_managerRange<11.3\(1\)

VendorProductVersionCPE
ciscodata_center_network_manager*cpe:2.3:a:cisco:data_center_network_manager:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	data_center_network_manager	*	cpe:2.3:a:cisco:data_center_network_manager::::::::

CNA Affected

[
  {
    "product": "Cisco Data Center Network Manager",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "n/a",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]