Lucene search

CiscoCVE-2019-15977

HistoryJan 06, 2020 - 8:15 a.m.

CVE-2019-15977

2020-01-0608:15:10

CWE-798

cisco

web.nvd.nist.gov

cisco

dcnm

authentication

vulnerabilities

security

cisco dcnm

cve-2019-15977

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.6

Confidence

High

EPSS

0.967

Percentile

99.6%

JSON

Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Affected configurations

Nvd

Node

ciscodata_center_network_managerRange<11.3\(1\)

VendorProductVersionCPE
ciscodata_center_network_manager*cpe:2.3:a:cisco:data_center_network_manager:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	data_center_network_manager	*	cpe:2.3:a:cisco:data_center_network_manager::::::::

CNA Affected

[
  {
    "product": "Cisco Data Center Network Manager",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "n/a",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]