Vulnerabilities > CVE-2019-15999 - Unspecified vulnerability in Cisco Data Center Network Manager
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
A vulnerability in the application environment of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to gain unauthorized access to the JBoss Enterprise Application Platform (JBoss EAP) on an affected device. The vulnerability is due to an incorrect configuration of the authentication settings on the JBoss EAP. An attacker could exploit this vulnerability by authenticating with a specific low-privilege account. A successful exploit could allow the attacker to gain unauthorized access to the JBoss EAP, which should be limited to internal system accounts.
Vulnerable Configurations
Exploit-Db
| id | EDB-ID:47885 |
| last seen | 2020-01-08 |
| modified | 2020-01-08 |
| published | 2020-01-08 |
| reporter | Exploit-DB |
| source | https://www.exploit-db.com/download/47885 |
| title | Cisco DCNM JBoss 10.4 - Credential Leakage |
Nessus
| NASL family | CISCO |
| NASL id | CISCO-SA-20200102-DCNM.NASL |
| description | According to its self-reported version number, the instance of Cisco DCNM hosted on the remote server is prior to 11.3(1). It is, therefore, affected by multiple vulnerabilities: - An authentication bypass vulnerability exists in the REST API, SOAP API, and the web-based management interface due to a static encryption key being shared between installations. An unauthenticated, remote attacker can exploit this, via the REST API, SOAP API, or web-based management interface, to bypass authentication and execute arbitrary actions with administrative privileges. (CVE-2019-15975, CVE-2019-15976, CVE-2019-15977) - A command injection vulnerability exists in the REST API and SOAP API due to insufficient validation of user-supplied input. An authenticated, remote attacker can exploit this, via the APIs, to execute arbitrary commands. (CVE-2019-15978, CVE-2019-15979) - A path traversal vulnerability exists in the REST API and SOAP API due to insufficient validation of user-supplied input. An authenticated, remote attacker can exploit this, via the APIs, to read, write, or execute arbitrary files on the system. (CVE-2019-15980, CVE-2019-15981, CVE-2019-15982) - An XML external entity (XXE) vulnerability exists due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. An authenticated, remote attacker can exploit this, via specially crafted XML data in the SOAP API, to disclose sensitive information. (CVE-2019-15983) - A SQL injection (SQLi) vulnerability exists in the SOAP API and REST API due to improper validation of user-supplied input. An authenticated, remote attacker can exploit this to inject or manipulate SQL queries in the back-end database, resulting in the disclosure or manipulation of arbitrary data. (CVE-2019-15984, CVE-2019-15985, CVE-2019-15986) - A vulnerability exists in the authentication settings of the JBOSS EAP due to an incorrect configuration. An authenticated, remote attacker can exploit this by authentication with a specific low-privilege account, to gain unauthorized access to the JBOSS EAP. (CVE-2019-15999) |
| last seen | 2020-03-28 |
| modified | 2020-01-09 |
| plugin id | 132721 |
| published | 2020-01-09 |
| reporter | This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/132721 |
| title | Cisco Data Center Network Manager < 11.3(1) Multiple Vulnerabilities |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/155870/ciscodcnmjboss104-disclose.txt |
| id | PACKETSTORM:155870 |
| last seen | 2020-01-09 |
| published | 2020-01-08 |
| reporter | Harrison Neal |
| source | https://packetstormsecurity.com/files/155870/Cisco-DCNM-JBoss-10.4-Credential-Leakage.html |
| title | Cisco DCNM JBoss 10.4 Credential Leakage |