Vulnerabilities > Cisco > Data Center Network Manager > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-10 CVE-2023-44487 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. 7.5
2021-01-20 CVE-2021-1248 Unspecified vulnerability in Cisco Data Center Network Manager
Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device.
network
low complexity
cisco
7.2
2021-01-20 CVE-2021-1247 Unspecified vulnerability in Cisco Data Center Network Manager
Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device.
network
low complexity
cisco
8.8
2021-01-20 CVE-2021-1272 Unspecified vulnerability in Cisco Data Center Network Manager
A vulnerability in the session validation feature of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system.
network
low complexity
cisco
8.8
2021-01-20 CVE-2021-1133 Unspecified vulnerability in Cisco Data Center Network Manager
Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization.
network
low complexity
cisco
7.3
2020-08-26 CVE-2020-3519 Improper Input Validation vulnerability in Cisco Data Center Network Manager
A vulnerability in a specific REST API method of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device.
network
low complexity
cisco CWE-20
8.1
2020-07-31 CVE-2020-3386 Incorrect Authorization vulnerability in Cisco Data Center Network Manager
A vulnerability in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with a low-privileged account to bypass authorization on the API of an affected device.
network
low complexity
cisco CWE-863
8.8
2020-07-31 CVE-2020-3384 Unspecified vulnerability in Cisco Data Center Network Manager
A vulnerability in specific REST API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating system with the privileges of the logged-in user.
network
low complexity
cisco
8.2
2020-07-31 CVE-2020-3383 Improper Input Validation vulnerability in Cisco Data Center Network Manager
A vulnerability in the archive utility of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device.
network
low complexity
cisco CWE-20
8.8
2020-07-31 CVE-2020-3377 OS Command Injection vulnerability in Cisco Data Center Network Manager
A vulnerability in the Device Manager application of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to inject arbitrary commands on the affected device.
network
low complexity
cisco CWE-78
8.8