Cisco Digital Network Architecture Center vulnerabilities

CVE-2020-3391 [MEDIUM] CWE-200 CVE-2020-3391: A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated, rem A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to view sensitive information in clear text. The vulnerability is due to insecure storage of certain unencrypted credentials on an affected device. An attacker could exploit this vulnerability by viewing the network device configuration and

CVE-2020-3281 [HIGH] CWE-532 CVE-2020-3281: A vulnerability in the audit logging component of Cisco Digital Network Architecture (DNA) Center co A vulnerability in the audit logging component of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to view sensitive information in clear text. The vulnerability is due to the storage of certain unencrypted credentials. An attacker could exploit this vulnerability by accessing the audit logs and obtaining cre

CVE-2019-1848 [CRITICAL] CWE-668 CVE-2019-1848: A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, a A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, adjacent attacker to bypass authentication and access critical internal services. The vulnerability is due to insufficient access restriction to ports necessary for system operation. An attacker could exploit this vulnerability by connecting an unautho

CVE-2019-1675 [HIGH] CWE-798 CVE-2019-1675: A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unaut A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor. The vulnerability is due to a default local account with a static password. The account has privileges only to reboot the device. An attacker could exploit this vulnerability by guessing the account name

CVE-2018-15386 [CRITICAL] CWE-16 CVE-2018-15386: A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, r A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and have direct unauthorized access to critical management functions. The vulnerability is due to an insecure default configuration of the affected system. An attacker could exploit this vulnerability by direct

CVE-2018-0448 [CRITICAL] CWE-326 CVE-2018-0448: A vulnerability in the identity management service of Cisco Digital Network Architecture (DNA) Cente A vulnerability in the identity management service of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and take complete control of identity management functions. The vulnerability is due to insufficient security restrictions for critical management functions. An attacker could

CVE-2018-5390 [HIGH] CWE-400 CVE-2018-5390: Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() an Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

CVE-2018-0268 [CRITICAL] CWE-358 CVE-2018-0268: A vulnerability in the container management subsystem of Cisco Digital Network Architecture (DNA) Ce A vulnerability in the container management subsystem of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and gain elevated privileges. This vulnerability is due to an insecure default configuration of the Kubernetes container management subsystem within DNA Center. An attacker

CVE-2018-0271 [CRITICAL] CWE-287 CVE-2018-0271: A vulnerability in the API gateway of the Cisco Digital Network Architecture (DNA) Center could allo A vulnerability in the API gateway of the Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and access critical services. The vulnerability is due to a failure to normalize URLs prior to servicing requests. An attacker could exploit this vulnerability by submitting a crafted URL

CVE-2018-0222 [CRITICAL] CWE-798 CVE-2018-0222: A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, r A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to log in to an affected system by using an administrative account that has default, static user credentials. The vulnerability is due to the presence of undocumented, static user credentials for the default administrative account for t

CVE-2018-0269 [MEDIUM] CWE-200 CVE-2018-0269: A vulnerability in the web framework of the Cisco Digital Network Architecture Center (DNA Center) c A vulnerability in the web framework of the Cisco Digital Network Architecture Center (DNA Center) could allow an unauthenticated, remote attacker to communicate with the Kong API server without restriction. The vulnerability is due to an overly permissive Cross Origin Resource Sharing (CORS) policy. An attacker could exploit this vulnerability by con