Lucene search
Steven Seeley (mr_me) of Source InciteZDI-20-003HistoryJan 03, 2020 - 12:00 a.m.
Cisco Data Center Network Manager TrustedClientTokenValidator Hard-coded Cryptographic Key Authentication Bypass Vulnerability
2020-01-0300:00:00
Steven Seeley (mr_me) of Source Incite
www.zerodayinitiative.com
13
EPSS
0.421
Percentile
97.4%
This vulnerability allows remote attackers to bypass authentication on affected installations of Cisco Data Center Network Manager. The specific flaw exists within the processing of the dbadmin/addUser functionality. The issue results from trusting input that has been encrypted with a hard-coded and discoverable cryptographic key. An attacker can leverage this vulnerability to add new global admins to the system.
Related
cvelist
cvelist
cve
cve
CVE-2019-15975
2020-01-06 08:15:10
prion
prion
Authentication flaw
2020-01-06 08:15:00
metasploit
metasploit
Cisco DCNM auth bypass
2021-06-24 15:19:25
packetstorm
packetstorm
Cisco DCNM Auth Bypass
2024-08-31 00:00:00
Cisco Data Center Network Manager 11.2 Remote Code Execution
2020-02-06 00:00:00
nvd
nvd
CVE-2019-15975
2020-01-06 08:15:10
zdt
zdt
Cisco Data Center Network Manager 11.2 - Remote Code Execution Exploit
2020-02-06 00:00:00
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-06-25 16:15:03
exploitpack
exploitpack
Cisco Data Center Network Manager 11.2 - Remote Code Execution
2020-02-06 00:00:00
exploitdb
exploitdb
Cisco Data Center Network Manager 11.2 - Remote Code Execution
2020-02-06 00:00:00
cisco
cisco
Cisco Data Center Network Manager Authentication Bypass Vulnerabilities
2020-01-02 16:00:00
talosblog
talosblog
Threat Source newsletter (Jan. 9, 2019)
2020-01-10 07:13:41
threatpost
threatpost
3 Critical Bugs Allow Remote Attacks on Cisco NX-OS and Switches
2020-01-03 18:33:29
Critical Cisco Flaws Now Have PoC Exploit
2020-01-16 22:18:51
Cisco Webex Flaw Lets Unauthenticated Users Join Private Online Meetings
2020-01-24 19:27:45
nessus
nessus
Cisco Data Center Network Manager < 11.3(1) Multiple Vulnerabilities
2020-01-09 00:00:00