Vulnerabilities > CVE-2019-15999 - Unspecified vulnerability in Cisco Data Center Network Manager

047910
CVSS 6.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
LOW
network
low complexity
cisco
nessus
exploit available

Summary

A vulnerability in the application environment of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to gain unauthorized access to the JBoss Enterprise Application Platform (JBoss EAP) on an affected device. The vulnerability is due to an incorrect configuration of the authentication settings on the JBoss EAP. An attacker could exploit this vulnerability by authenticating with a specific low-privilege account. A successful exploit could allow the attacker to gain unauthorized access to the JBoss EAP, which should be limited to internal system accounts.

Exploit-Db

idEDB-ID:47885
last seen2020-01-08
modified2020-01-08
published2020-01-08
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/47885
titleCisco DCNM JBoss 10.4 - Credential Leakage

Nessus

NASL familyCISCO
NASL idCISCO-SA-20200102-DCNM.NASL
descriptionAccording to its self-reported version number, the instance of Cisco DCNM hosted on the remote server is prior to 11.3(1). It is, therefore, affected by multiple vulnerabilities: - An authentication bypass vulnerability exists in the REST API, SOAP API, and the web-based management interface due to a static encryption key being shared between installations. An unauthenticated, remote attacker can exploit this, via the REST API, SOAP API, or web-based management interface, to bypass authentication and execute arbitrary actions with administrative privileges. (CVE-2019-15975, CVE-2019-15976, CVE-2019-15977) - A command injection vulnerability exists in the REST API and SOAP API due to insufficient validation of user-supplied input. An authenticated, remote attacker can exploit this, via the APIs, to execute arbitrary commands. (CVE-2019-15978, CVE-2019-15979) - A path traversal vulnerability exists in the REST API and SOAP API due to insufficient validation of user-supplied input. An authenticated, remote attacker can exploit this, via the APIs, to read, write, or execute arbitrary files on the system. (CVE-2019-15980, CVE-2019-15981, CVE-2019-15982) - An XML external entity (XXE) vulnerability exists due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. An authenticated, remote attacker can exploit this, via specially crafted XML data in the SOAP API, to disclose sensitive information. (CVE-2019-15983) - A SQL injection (SQLi) vulnerability exists in the SOAP API and REST API due to improper validation of user-supplied input. An authenticated, remote attacker can exploit this to inject or manipulate SQL queries in the back-end database, resulting in the disclosure or manipulation of arbitrary data. (CVE-2019-15984, CVE-2019-15985, CVE-2019-15986) - A vulnerability exists in the authentication settings of the JBOSS EAP due to an incorrect configuration. An authenticated, remote attacker can exploit this by authentication with a specific low-privilege account, to gain unauthorized access to the JBOSS EAP. (CVE-2019-15999)
last seen2020-03-28
modified2020-01-09
plugin id132721
published2020-01-09
reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/132721
titleCisco Data Center Network Manager < 11.3(1) Multiple Vulnerabilities

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/155870/ciscodcnmjboss104-disclose.txt
idPACKETSTORM:155870
last seen2020-01-09
published2020-01-08
reporterHarrison Neal
sourcehttps://packetstormsecurity.com/files/155870/Cisco-DCNM-JBoss-10.4-Credential-Leakage.html
titleCisco DCNM JBoss 10.4 Credential Leakage