cbcvebase.
CVE-2018-0271
published 2018-05-17

CVE-2018-0271: A vulnerability in the API gateway of the Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass…

PriorityP265critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
2.75%
84.3th percentile
A vulnerability in the API gateway of the Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and access critical services. The vulnerability is due to a failure to normalize URLs prior to servicing requests. An attacker could exploit this vulnerability by submitting a crafted URL designed to exploit the issue. A successful exploit could allow the attacker to gain unauthenticated access to critical services, resulting in elevated privileges in DNA Center. This vulnerability affects Cisco DNA Center Software Releases prior to 1.1.2. Cisco Bug IDs: CSCvi09394.

Affected

2 ranges
VendorProductVersion rangeFixed in
ciscodigital_network_architecture_center< 1.1.21.1.2
ciscodigital_network_architecture_center

Detection & IOCsextracted from sources · hover to see the quote

  • Exploit involves submitting a crafted URL that bypasses authentication due to failure to normalize URLs prior to servicing requests at the API gateway
  • Monitor for unauthenticated access attempts to critical/privileged API endpoints on Cisco DNA Center, particularly requests with unnormalized or path-traversal-style URL patterns (e.g., double slashes, encoded characters, dot-segments) targeting the API gateway
  • Successful exploitation results in elevated privileges in DNA Center — alert on privilege escalation events or unexpected administrative actions from unauthenticated sessions
  • ·Vulnerability affects Cisco DNA Center Software Releases prior to 1.1.2 only; patched versions are not affected
  • ·No workarounds are available; only the software update to 1.1.2 or later remediates the issue

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_cisco10.0CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.