VYPR

Prime Data Center Network Manager

by Cisco Systems, Inc.

CVEs (11)

  • CVE-2018-0258CriMay 2, 2018
    risk 0.68cvss 9.8epss 0.50

    A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to any directory of a vulnerable device (aka Path Traversal) and execute those files. This vulnerability affects the following…

  • CVE-2017-6639CriJun 8, 2017
    risk 0.67cvss 9.8epss 0.35

    A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to access sensitive information or execute arbitrary code with root privileges on an affected system. The…

  • CVE-2017-6640CriJun 8, 2017
    risk 0.65cvss 9.8epss 0.11

    A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an unauthenticated, remote attacker to log in to the administrative console of a DCNM server by using an account that has a default, static password. The account could be granted root- or…

  • CVE-2015-0666HigKEVApr 3, 2015
    risk 0.64cvss 7.5epss 0.41

    Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241.

  • CVE-2018-0144MedMar 8, 2018
    risk 0.40cvss 6.1epss 0.02

    A vulnerability in the web-based management interface of Cisco Prime Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2013-5486Sep 23, 2013
    risk 0.09cvss epss 0.76

    Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to write arbitrary files via the chartid parameter, aka Bug IDs CSCue77035 and CSCue77036. NOTE: this can be…

  • CVE-2014-3329Jul 29, 2014
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the web-server component in Cisco Prime Data Center Network Manager (DCNM) 6.3(2) and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum86620.

  • CVE-2013-5490Sep 23, 2013
    risk 0.00cvss epss 0.02

    Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary text files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCud80148.

  • CVE-2013-5487Sep 23, 2013
    risk 0.00cvss epss 0.02

    DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCue77029.

  • CVE-2013-1196Apr 29, 2013
    risk 0.00cvss epss 0.00

    The command-line interface in Cisco Secure Access Control System (ACS), Identity Services Engine Software, Context Directory Agent, Application Networking Manager (ANM), Prime Network Control System, Prime LAN Management Solution (LMS), Prime Collaboration, Unified Provisioning…

  • CVE-2012-5417Nov 2, 2012
    risk 0.00cvss epss 0.03

    Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands via JBoss Application Server Remote Method Invocation (RMI) services, aka Bug…