Cisco

Data Center Network Manager

68 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-20347

  • EPSS 0.07%
  • Veröffentlicht 27.08.2025 16:22:59
  • Zuletzt bearbeitet 08.09.2025 16:21:08

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affecte...

8.7

CVE-2025-20163

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 04.06.2025 16:17:44
  • Zuletzt bearbeitet 22.07.2025 16:58:34

A vulnerability in the SSH implementation of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an unauthenticated, remote attacker to impersonate Cisco NDFC-managed devices. This vulnerability is due to insufficient SSH host key validatio...

6.3

CVE-2020-3539

  • EPSS 0.19%
  • Veröffentlicht 18.11.2024 16:15:07
  • Zuletzt bearbeitet 31.07.2025 17:23:58

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. The vulnerability is due to a failure to l...

8.1

CVE-2020-3538

  • EPSS 0.05%
  • Veröffentlicht 18.11.2024 16:15:07
  • Zuletzt bearbeitet 06.08.2025 14:01:21

A vulnerability in a certain REST API endpoint of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to perform a path traversal attack on an affected device. The vulnerability is due to insufficient...

8.8

CVE-2024-20536

  • EPSS 0.33%
  • Veröffentlicht 06.11.2024 17:15:19
  • Zuletzt bearbeitet 07.08.2025 00:23:00

A vulnerability in a REST API endpoint and web-based management interface of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with read-only privileges to execute arbitrary SQL commands on an affected devic...

7.5

CVE-2024-20348

  • EPSS 0.65%
  • Veröffentlicht 03.04.2024 17:15:49
  • Zuletzt bearbeitet 07.05.2025 16:08:57

A vulnerability in the Out-of-Band (OOB) Plug and Play (PnP) feature of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an unauthenticated, remote attacker to read arbitrary files. This vulnerability is due to an unauthenticated provisi...

8.8

CVE-2024-20281

  • EPSS 1.52%
  • Veröffentlicht 03.04.2024 17:15:47
  • Zuletzt bearbeitet 07.05.2025 14:47:49

A vulnerability in the web-based management interface of Cisco Nexus Dashboard and Cisco Nexus Dashboard hosted services could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. T...

7.5

CVE-2023-44487

Warnung Medienbericht Exploit
  • EPSS 94.42%
  • Veröffentlicht 10.10.2023 14:15:10
  • Zuletzt bearbeitet 07.11.2025 19:00:41

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

10

CVE-2021-44228

Warnung Exploit
  • EPSS 94.36%
  • Veröffentlicht 10.12.2021 10:15:09
  • Zuletzt bearbeitet 27.10.2025 17:40:33

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An atta...

5.4

CVE-2021-1250

  • EPSS 0.19%
  • Veröffentlicht 20.01.2021 21:15:12
  • Zuletzt bearbeitet 21.11.2024 05:43:55

Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow a remote attacker with network-operator privileges to conduct a cross-site scripting (XSS) attack or a reflected file download (RFD...