Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2019-15975Hard-coded Credentials in Cisco Data Center Network Manager

CWE-798Hard-coded Credentials6 documents6 sources
Severity
9.8CRITICALNVD
EPSS
85.1%
top 0.64%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Cisco Data Center Network ManagerCisco Data Center Network Manager
Timeline
PublishedJan 6
Latest updateMay 24

Description

Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5cisco/cisco_data_center_network_managerunspecifiedn/a

🔴Vulnerability Details

2
GHSA
GHSA-m469-jmc4-66pp: Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker2022-05-24
CVEList
Cisco Data Center Network Manager Authentication Bypass Vulnerabilities2020-01-06

💥Exploits & PoCs

1
Exploit-DB
Cisco Data Center Network Manager 11.2 - Remote Code Execution2020-02-06

📋Vendor Advisories

1
Cisco
Cisco Data Center Network Manager Authentication Bypass Vulnerabilities2020-01-02
CVE-2019-15975 — Hard-coded Credentials in Cisco | cvebase