CVE-2019-1619 — Vulnetix

CVE-2019-1619 PUBLISHED CVSS 9.800000190734863 CRITICAL

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper session management on affected DCNM software. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to gain administrative access on the affected device.

EPSS 71.40% · 98.7th percentile

Risk Scores

CVSS 3.0

9.800000190734863

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

71.40%

98.7th percentile

Affected Products

Vendor	Product	Versions
cisco	data_center_network_manager	10.4\(2\)
Cisco	Cisco Data Center Network Manager	unspecified

Exploit Intelligence

Powershell Script to build token for CVE-2019-1619 (github-poc-repo)
Powershell Script to build token for CVE-2019-1619 (github-poc-repo)
Powershell Script to build token for CVE-2019-1619 (github-poc-repo)
Powershell Script to build token for CVE-2019-1619 (github-poc-repo)
Powershell Script to build token for CVE-2019-1619 (github-poc-repo)
Powershell Script to build token for CVE-2019-1619 (github-poc-repo)
Powershell Script to build token for CVE-2019-1619 (github-poc)
Powershell Script to build token for CVE-2019-1619 (github-poc)
Powershell Script to build token for CVE-2019-1619 (github-poc)
Powershell Script to build token for CVE-2019-1619 (github-poc)

…and 18 more exploits

Timeline

Jun 26, 2019 CVE Published
Jul 8, 2019 PoC Published
Sep 2, 2019 PoC Published
Sep 2, 2019 PoC Published
Sep 3, 2019 PoC Published
Jul 16, 2020 PoC Published
Apr 14, 2021 EPSS Score
Aug 24, 2021 EPSS Score
Oct 26, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 1, 2022 EPSS Score

References

Open in Interactive Console →