CVE-2019-1621
published 2019-06-27CVE-2019-1621: A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to gain…
PriorityP270high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EXPLOIT
EPSS
29.82%
98.0th percentile
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to gain access to sensitive files on an affected device. The vulnerability is due to incorrect permissions settings on affected DCNM software. An attacker could exploit this vulnerability by connecting to the web-based management interface of an affected device and requesting specific URLs. A successful exploit could allow the attacker to download arbitrary files from the underlying filesystem of the affected device.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_data_center_network_manager | >= unspecified < 11.2(1) | 11.2(1) |
| cisco | data_center_network_manager | — | — |
| cisco | data_center_network_manager | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor HTTP requests targeting the /fm/downloadServlet path on Cisco DCNM web management interfaces, especially unauthenticated requests or those specifying absolute filesystem paths as parameters. ↗
- →An attacker could exploit this vulnerability by connecting to the web-based management interface of an affected device and requesting specific URLs — alert on unexpected or unauthenticated access to download-related servlet endpoints. ↗
- ·Version 11.0(1) of DCNM requires authentication to exploit, unlike other affected versions where the servlet is accessible unauthenticated. ↗
- ·The vulnerability affects DCNM Linux virtual appliance versions including 10.4(2), 11.0(1), and 11.1(1), and likely several versions below 10.4(2). ↗
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
vendor_cisco7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Cisco
Cisco Data Center Network Manager Arbitrary File Download Vulnerability
vendor_cisco·2019-06-26·CVSS 7.5
CVE-2019-1621 [HIGH] CWE-264 Cisco Data Center Network Manager Arbitrary File Download Vulnerability
Cisco Data Center Network Manager Arbitrary File Download Vulnerability
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to gain access to sensitive files on an affected device.
The vulnerability is due to incorrect permissions settings on affected DCNM software. An attacker could exploit this vulnerability by connecting to the web-based management interface of an affected device and requesting specific URLs. A successful exploit could allow the attacker to download arbitrary files from the underlying filesystem of the affected device.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at th
Cisco
Cisco Data Center Network Manager Arbitrary File Download Vulnerability
vendor_cisco·CVSS 3.0
CVE-2019-1621 Cisco Data Center Network Manager Arbitrary File Download Vulnerability
CVE-2019-1621: Cisco Data Center Network Manager Arbitrary File Download Vulnerability
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to gain access to sensitive files on an affected device. The vulnerability is due to incorrect permissions settings on affected DCNM software. An attacker could exploit this vulnerability by connecting to the web-based management interface of an affected device and requesting specific URLs. A successful exploit could allow the attacker to download arbitrary files from the underlying filesystem of the affected device. Cisco has released software updates that address this vulnerability. There are no
CVSS: 3.0
CWE: CWE-264, CWE-264
Bug IDs: CSCvo64651
GHSA
GHSA-cgcp-2f46-m8g4: A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to g
ghsa_unreviewed·2022-05-24
CVE-2019-1621 [HIGH] GHSA-cgcp-2f46-m8g4: A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to g
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to gain access to sensitive files on an affected device. The vulnerability is due to incorrect permissions settings on affected DCNM software. An attacker could exploit this vulnerability by connecting to the web-based management interface of an affected device and requesting specific URLs. A successful exploit could allow the attacker to download arbitrary files from the underlying filesystem of the affected device.
No detection rules found.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/153546/Cisco-Data-Center-Network-Manager-11.1-1-Remote-Code-Execution.htmlhttp://seclists.org/fulldisclosure/2019/Jul/7http://www.securityfocus.com/bid/108904https://seclists.org/bugtraq/2019/Jul/11https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190626-dcnm-file-dwnldhttp://packetstormsecurity.com/files/153546/Cisco-Data-Center-Network-Manager-11.1-1-Remote-Code-Execution.htmlhttp://seclists.org/fulldisclosure/2019/Jul/7http://www.securityfocus.com/bid/108904https://seclists.org/bugtraq/2019/Jul/11https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190626-dcnm-file-dwnld
2019-06-27
Published