Cisco Systems this month issued six security advisories disclosing a total of 12 vulnerabilities the Data Center Network Manager, three of them critical.
Designated CVE-2019-15975, CVE-2019-15976 and CVE-2019-15977, the three most serious flaws could enable unauthenticated, remote attackers to bypass authentication measures and execute malicious actions with admin-level privileges. Collectively, the trio of vulnerabilities were assigned a CVSS base score of 9.8.
The first two were respectively found in the REST API endpoint and SOAP API endpoint, and is caused by the sharing of a static encryption key between installations. The remaining critical flaw was discovered in the web-based management interface and is due to static credentials.
Uncovered by Steven Seeley (aka mr_me) of Source Incite, in conjunction with Trend Micro’s Zero Day Initiative, these issues were fixed in Cisco DCNM Software releases 11.3(1) and later, as were the remaining bugs.
Of the seven high-level vulnerabilities, two are SQL injection flaws, three are path traversal bugs and two are command injection conditions. The two remaining, medium-level bugs consist of an XML external entity read access vulnerability and a JBoss EAP unauthorized access vulnerability.