CVE-2021-1255

CWE-184CWE-20Improper Input ValidationCWE-8076 documents5 sources
Severity
5.4MEDIUM
EPSS
0.2%
top 62.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Data Center Network ManagerCisco Cisco Data Center Network Manager
Timeline
PublishedJan 20
Latest updateMay 24

Description

Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:NExploitability: 2.1 | Impact: 2.5

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-j94m-42w6-vqp7: Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, m2022-05-24
CVEList
Cisco Data Center Network Manager REST API Vulnerabilities2021-01-20

📋Vendor Advisories

1
Cisco
Cisco Data Center Network Manager REST API Vulnerabilities2021-01-20

🕵️Threat Intelligence

2
Talos
Vulnerability Spotlight: Information disclosure, privilege escalation vulnerabilities in IOBit Advanced SystemCare Ultimate2021-07-07
Talos
Vulnerability Spotlight: Information disclosure, privilege escalation vulnerabilities in IOBit Advanced SystemCare Ultimate2021-07-07