Vulnerabilities > Cisco > Data Center Network Manager > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-12-10 CVE-2021-44228 Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. 10.0
2020-07-31 CVE-2020-3376 Missing Authentication for Critical Function vulnerability in Cisco Data Center Network Manager
A vulnerability in the Device Manager application of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions on an affected device.
network
low complexity
cisco CWE-306
critical
9.8
2020-07-31 CVE-2020-3382 Use of Hard-coded Credentials vulnerability in Cisco Data Center Network Manager
A vulnerability in the REST API of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device.
network
low complexity
cisco CWE-798
critical
9.8
2020-01-06 CVE-2019-15975 Use of Hard-coded Credentials vulnerability in Cisco Data Center Network Manager
Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device.
network
low complexity
cisco CWE-798
critical
9.8
2020-01-06 CVE-2019-15976 Use of Hard-coded Credentials vulnerability in Cisco Data Center Network Manager
Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device.
network
low complexity
cisco CWE-798
critical
9.8
2019-06-27 CVE-2019-1619 Use of Hard-coded Credentials vulnerability in Cisco Data Center Network Manager 10.4(2)
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device.
network
low complexity
cisco CWE-798
critical
9.8
2019-06-27 CVE-2019-1620 Path Traversal vulnerability in Cisco Data Center Network Manager 11.0(1)
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to upload arbitrary files on an affected device.
network
low complexity
cisco CWE-22
critical
9.8