CVE-2021-1270

CWE-863Incorrect Authorization6 documents5 sources
Severity
6.5MEDIUM
EPSS
0.1%
top 68.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Data Center Network ManagerCisco Cisco Data Center Network Manager
Timeline
PublishedJan 20
Latest updateMay 24

Description

Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 2.8 | Impact: 3.4

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-f3xm-4hq3-2w74: Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attack2022-05-24
CVEList
Cisco Data Center Network Manager Authorization Bypass Vulnerabilities2021-01-20

📋Vendor Advisories

1
Cisco
Cisco Data Center Network Manager Authorization Bypass Vulnerabilities2021-01-20

🕵️Threat Intelligence

2
Talos
Vulnerability Spotlight: Multiple vulnerabilities in Advantech R-SeeNet2021-07-15
Talos
Vulnerability Spotlight: Multiple vulnerabilities in Advantech R-SeeNet2021-07-15