Vulnerabilities > Cisco > Data Center Network Manager > 10.2.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-06 | CVE-2019-15975 | Use of Hard-coded Credentials vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. | 9.8 |
| 2018-10-05 | CVE-2018-0440 | Improper Input Validation vulnerability in Cisco Data Center Network Manager A vulnerability in the web interface of Cisco Data Center Network Manager could allow an authenticated application administrator to execute commands on the underlying operating system with root-level privileges. | 7.2 |
| 2017-11-30 | CVE-2017-12347 | Cross-site Scripting vulnerability in Cisco Data Center Network Manager 10.2(1) Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting (XSS) attack against a user of the affected software. | 6.1 |
| 2017-11-30 | CVE-2017-12346 | Cross-site Scripting vulnerability in Cisco Data Center Network Manager 10.2(1) Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting (XSS) attack against a user of the affected software. | 6.1 |
| 2017-11-30 | CVE-2017-12345 | Cross-site Scripting vulnerability in Cisco Data Center Network Manager 10.2(1) Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting (XSS) attack against a user of the affected software. | 4.7 |
| 2017-11-30 | CVE-2017-12344 | Open Redirect vulnerability in Cisco Data Center Network Manager 10.2(1) Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting (XSS) attack against a user of the affected software. | 6.1 |