Prime Data Center Network Manager
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-0258 | Cri | 0.68 | 9.8 | 0.50 | May 2, 2018 | A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to any directory of a vulnerable device (aka Path Traversal) and execute those files. This vulnerability affects the following… | ||
| CVE-2017-6639 | Cri | 0.67 | 9.8 | 0.35 | Jun 8, 2017 | A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to access sensitive information or execute arbitrary code with root privileges on an affected system. The… | ||
| CVE-2017-6640 | Cri | 0.65 | 9.8 | 0.11 | Jun 8, 2017 | A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an unauthenticated, remote attacker to log in to the administrative console of a DCNM server by using an account that has a default, static password. The account could be granted root- or… | ||
| CVE-2015-0666 | Hig | 0.64 | 7.5 | 0.41 | KEV | Apr 3, 2015 | Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241. | |
| CVE-2018-0144 | Med | 0.40 | 6.1 | 0.02 | Mar 8, 2018 | A vulnerability in the web-based management interface of Cisco Prime Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2013-5486 | 0.09 | — | 0.76 | Sep 23, 2013 | Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to write arbitrary files via the chartid parameter, aka Bug IDs CSCue77035 and CSCue77036. NOTE: this can be… | |||
| CVE-2014-3329 | 0.00 | — | 0.02 | Jul 29, 2014 | Cross-site scripting (XSS) vulnerability in the web-server component in Cisco Prime Data Center Network Manager (DCNM) 6.3(2) and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum86620. | |||
| CVE-2013-5490 | 0.00 | — | 0.02 | Sep 23, 2013 | Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary text files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCud80148. | |||
| CVE-2013-5487 | 0.00 | — | 0.02 | Sep 23, 2013 | DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCue77029. | |||
| CVE-2013-1196 | 0.00 | — | 0.00 | Apr 29, 2013 | The command-line interface in Cisco Secure Access Control System (ACS), Identity Services Engine Software, Context Directory Agent, Application Networking Manager (ANM), Prime Network Control System, Prime LAN Management Solution (LMS), Prime Collaboration, Unified Provisioning… | |||
| CVE-2012-5417 | 0.00 | — | 0.03 | Nov 2, 2012 | Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands via JBoss Application Server Remote Method Invocation (RMI) services, aka Bug… |
- risk 0.68cvss 9.8epss 0.50
A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to any directory of a vulnerable device (aka Path Traversal) and execute those files. This vulnerability affects the following…
- risk 0.67cvss 9.8epss 0.35
A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to access sensitive information or execute arbitrary code with root privileges on an affected system. The…
- risk 0.65cvss 9.8epss 0.11
A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an unauthenticated, remote attacker to log in to the administrative console of a DCNM server by using an account that has a default, static password. The account could be granted root- or…
- risk 0.64cvss 7.5epss 0.41
Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241.
- risk 0.40cvss 6.1epss 0.02
A vulnerability in the web-based management interface of Cisco Prime Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- CVE-2013-5486Sep 23, 2013risk 0.09cvss —epss 0.76
Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to write arbitrary files via the chartid parameter, aka Bug IDs CSCue77035 and CSCue77036. NOTE: this can be…
- CVE-2014-3329Jul 29, 2014risk 0.00cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in the web-server component in Cisco Prime Data Center Network Manager (DCNM) 6.3(2) and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum86620.
- CVE-2013-5490Sep 23, 2013risk 0.00cvss —epss 0.02
Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary text files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCud80148.
- CVE-2013-5487Sep 23, 2013risk 0.00cvss —epss 0.02
DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCue77029.
- CVE-2013-1196Apr 29, 2013risk 0.00cvss —epss 0.00
The command-line interface in Cisco Secure Access Control System (ACS), Identity Services Engine Software, Context Directory Agent, Application Networking Manager (ANM), Prime Network Control System, Prime LAN Management Solution (LMS), Prime Collaboration, Unified Provisioning…
- CVE-2012-5417Nov 2, 2012risk 0.00cvss —epss 0.03
Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands via JBoss Application Server Remote Method Invocation (RMI) services, aka Bug…