Cisco

Data Center Network Manager

68 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-20347

  • EPSS 0.06%
  • Published 27.08.2025 16:22:59
  • Last modified 08.09.2025 16:21:08

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affecte...

8.7

CVE-2025-20163

Media report
  • EPSS 0.05%
  • Published 04.06.2025 16:17:44
  • Last modified 22.07.2025 16:58:34

A vulnerability in the SSH implementation of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an unauthenticated, remote attacker to impersonate Cisco NDFC-managed devices. This vulnerability is due to insufficient SSH host key validatio...

6.3

CVE-2020-3539

  • EPSS 0.19%
  • Published 18.11.2024 16:15:07
  • Last modified 31.07.2025 17:23:58

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. The vulnerability is due to a failure to l...

8.1

CVE-2020-3538

  • EPSS 0.05%
  • Published 18.11.2024 16:15:07
  • Last modified 06.08.2025 14:01:21

A vulnerability in a certain REST API endpoint of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to perform a path traversal attack on an affected device. The vulnerability is due to insufficient...

8.8

CVE-2024-20536

  • EPSS 0.33%
  • Published 06.11.2024 17:15:19
  • Last modified 07.08.2025 00:23:00

A vulnerability in a REST API endpoint and web-based management interface of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with read-only privileges to execute arbitrary SQL commands on an affected devic...

7.5

CVE-2024-20348

  • EPSS 0.65%
  • Published 03.04.2024 17:15:49
  • Last modified 07.05.2025 16:08:57

A vulnerability in the Out-of-Band (OOB) Plug and Play (PnP) feature of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an unauthenticated, remote attacker to read arbitrary files. This vulnerability is due to an unauthenticated provisi...

8.8

CVE-2024-20281

  • EPSS 1.52%
  • Published 03.04.2024 17:15:47
  • Last modified 07.05.2025 14:47:49

A vulnerability in the web-based management interface of Cisco Nexus Dashboard and Cisco Nexus Dashboard hosted services could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. T...

7.5

CVE-2023-44487

Warning Media report Exploit
  • EPSS 94.44%
  • Published 10.10.2023 14:15:10
  • Last modified 11.06.2025 17:29:54

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

10

CVE-2021-44228

Warning Exploit
  • EPSS 94.36%
  • Published 10.12.2021 10:15:09
  • Last modified 08.08.2025 18:52:00

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An atta...

5.4

CVE-2021-1250

  • EPSS 0.19%
  • Published 20.01.2021 21:15:12
  • Last modified 21.11.2024 05:43:55

Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow a remote attacker with network-operator privileges to conduct a cross-site scripting (XSS) attack or a reflected file download (RFD...