VDB
CVE-2019-15975
CVE-2019-15975
PUBLISHED
CVSS 9.800000190734863 CRITICAL
Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
EPSS 85.14% · 99.4th percentile
Risk Scores
CVSS 3.0
9.800000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
85.14%
99.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | data_center_network_manager | 0 |
| Cisco | Cisco Data Center Network Manager | unspecified |
Exploit Intelligence
- http://packetstormsecurity.com/files/156238/Cisco-Data-Center-Network-Manager-11.2-Remote-Code-Execution.html (nist-nvd)
- CIRCL exploited: CVE-2019-15975 (circl-sighting)
- CIRCL seen: CVE-2019-15975 (circl-sighting)
- CIRCL seen: CVE-2019-15975 (circl-sighting)
- CIRCL seen: CVE-2019-15975 (circl-sighting)
- 20200102 Cisco Data Center Network Manager Authentication Bypass Vulnerabilities (circl)
- Cisco Data Center Network Manager 11.2 - Remote Code Execution Exploit (0day-today)
- Cisco Data Center Network Manager 11.2 - Remote Code Execution Exploit (0day-today)
Timeline
- Jan 2, 2020 CVE Published
- Feb 6, 2020 PoC Published
- Feb 6, 2020 PoC Published
- Apr 14, 2021 EPSS Score
- Jun 24, 2021 PoC Published
- Jun 25, 2021 EPSS Score
- Apr 1, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 9, 2023 EPSS Score
- Apr 24, 2023 EPSS Score
- May 11, 2023 EPSS Score
- Jun 28, 2023 EPSS Score
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-path-trav advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-auth-bypass advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-comm-inject advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-sql-inject advisory
- http://packetstormsecurity.com/files/156238/Cisco-Data-Center-Network-Manager-11.2-Remote-Code-Execution.html url
- https://nvd.nist.gov/vuln/detail/CVE-2019-15975 advisory