Cisco informed its customers about the presence of multiple security vulnerabilities in the web-based interface of the DCNM data center network management platform, including two critical security holes. The first critical issue tracked as CVE-2019-1620 that could be exploited by a remote, unauthenticated attacker to upload arbitrary files to the vulnerable device and execute code with root privileges.
“A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to upload arbitrary files on an affected device.” reads the security advisory.
“The vulnerability is due to incorrect permission settings in affected DCNM software. An attacker could exploit this vulnerability by uploading specially crafted data to the affected device. A successful exploit could allow the attacker to write arbitrary files on the filesystem and execute code with root privileges on the affected device.”
The second critical issue, tracked as CVE-2019-1619, could be exploited by a remote attacker to bypass authentication and perform arbitrary activities on the vulnerable devices with admin privileges. The flaw could be exploited by sending a specially crafted HTTP request to the affected device.
“A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device.” reads the security advisory.
“The vulnerability is due to improper session management on affected DCNM software. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to gain administrative access on the affected device.”
Cisco also addressed a DCNM issue, tracked as CVE-2019-1621, that could be exploited by a remote attacker to gain access to sensitive files and download them. An unauthenticated attacker could exploit the vulnerability by simply requesting specific URLs.
Another issue addressed by Cisco in the DCNM is a medium ‘severity’ information disclosure issue that could be exploited by an unauthenticated attacker to obtain log files and diagnostic information from the vulnerable device. Finally, Cisco fixed three other serious flaws.
All of these vulnerabilities were discovered the security researcher Pedro Ribeiro through the iDefense Vulnerability Contributor Program. The good news is that Cisco is not aware of attacks in the wild exploiting the flaws.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – Cisco Data Center Network Manager, hacking)
[adrotate banner=”5″]
[adrotate banner=”13″]
Google addressed a Chrome's Password Manager bug that caused user credentials to disappear temporarily for…
The Internet Systems Consortium (ISC) released BIND security updates that fixed several remotely exploitable DoS…
Terrorist groups are increasingly using cyberspace and digital communication channels to plan and execute attacks.…
Progress Software addressed a critical remote code execution vulnerability, tracked as CVE-2024-6327, in the Telerik Report…
A critical flaw in some versions of Docker Engine can be exploited to bypass authorization…
The CVE-2024-21412 flaw in the Microsoft Defender SmartScreen has been exploited to deliver information stealers…
This website uses cookies.