Vulnerabilities > Cisco > Data Center Network Manager

DATE CVE VULNERABILITY TITLE RISK
2020-07-31 CVE-2020-3382 Use of Hard-coded Credentials vulnerability in Cisco Data Center Network Manager
A vulnerability in the REST API of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device.
network
low complexity
cisco CWE-798
critical
 9.8
9.8
2020-07-31 CVE-2020-3377 OS Command Injection vulnerability in Cisco Data Center Network Manager
A vulnerability in the Device Manager application of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to inject arbitrary commands on the affected device.
network
low complexity
cisco CWE-78
8.8
8.8
2020-07-31 CVE-2020-3376 Missing Authentication for Critical Function vulnerability in Cisco Data Center Network Manager
A vulnerability in the Device Manager application of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions on an affected device.
network
low complexity
cisco CWE-306
critical
 9.8
9.8
2020-07-16 CVE-2020-3380 Argument Injection or Modification vulnerability in Cisco Data Center Network Manager
A vulnerability in the CLI of Cisco Data Center Network Manager (DCNM) could allow an authenticated, local attacker to elevate privileges to root and execute arbitrary commands on the underlying operating system.
local
low complexity
cisco CWE-88
7.8
7.8
2020-07-16 CVE-2020-3349 Cross-site Scripting vulnerability in Cisco Data Center Network Manager
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected device.
network
low complexity
cisco CWE-79
4.8
4.8
2020-07-16 CVE-2020-3348 Cross-site Scripting vulnerability in Cisco Data Center Network Manager
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected device.
network
low complexity
cisco CWE-79
4.8
4.8
2020-06-18 CVE-2020-3356 Cross-site Scripting vulnerability in Cisco Data Center Network Manager
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
cisco CWE-79
6.1
6.1
2020-06-18 CVE-2020-3355 Cross-site Scripting vulnerability in Cisco Data Center Network Manager
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
cisco CWE-79
4.8
4.8
2020-06-18 CVE-2020-3354 Cross-site Scripting vulnerability in Cisco Data Center Network Manager
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
cisco CWE-79
4.8
4.8
2020-02-19 CVE-2020-3114 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Data Center Network Manager
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.
network
low complexity
cisco CWE-352
8.8
8.8