High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-10	CVE-2023-44487	Resource Exhaustion vulnerability in multiple products The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. network low complexity ietf nghttp2 netty envoyproxy eclipse caddyserver golang f5 apache apple grpc microsoft nodejs dena facebook amazon debian kazu-yamamoto istio varnish-cache-project traefik projectcontour linkerd linecorp redhat fedoraproject netapp akka konghq jenkins openresty cisco CWE-400	7.5
2021-01-20	CVE-2021-1248	SQL Injection vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. network low complexity cisco CWE-89	7.2
2021-01-20	CVE-2021-1247	SQL Injection vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. network low complexity cisco CWE-89	8.8
2021-01-20	CVE-2021-1272	Server-Side Request Forgery (SSRF) vulnerability in Cisco Data Center Network Manager A vulnerability in the session validation feature of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system. network low complexity cisco CWE-918	8.8
2021-01-20	CVE-2021-1133	Incomplete Blacklist vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. network low complexity cisco CWE-184	7.3
2020-07-31	CVE-2020-3384	Unspecified vulnerability in Cisco Data Center Network Manager A vulnerability in specific REST API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating system with the privileges of the logged-in user. network low complexity cisco	8.2
2020-07-31	CVE-2020-3383	Improper Input Validation vulnerability in Cisco Data Center Network Manager A vulnerability in the archive utility of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. network low complexity cisco CWE-20	8.8
2020-07-31	CVE-2020-3377	OS Command Injection vulnerability in Cisco Data Center Network Manager A vulnerability in the Device Manager application of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to inject arbitrary commands on the affected device. network low complexity cisco CWE-78	8.8
2020-07-16	CVE-2020-3380	Argument Injection or Modification vulnerability in Cisco Data Center Network Manager A vulnerability in the CLI of Cisco Data Center Network Manager (DCNM) could allow an authenticated, local attacker to elevate privileges to root and execute arbitrary commands on the underlying operating system. local low complexity cisco CWE-88	7.2
2020-01-06	CVE-2019-15984	SQL Injection vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. network low complexity cisco CWE-89	7.2