Two vulnerabilities in Cisco Prime Data Center Network Manager
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2017-6640 CVE-2017-6639 |
| CWE-ID | CWE-255 CWE-284 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Cisco Prime Data Center Network Manager Server applications / Remote management servers, RDP, SSH |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Security bypass
EUVDB-ID: #VU7007
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-6640
CWE-ID:
CWE-255 - Credentials Management
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated attacker to bypass security restrictions on the target system.
The weakness exists in Cisco Prime Data Center Network Manager (DCNM) Software due to use of default, static password by user account. A remote attacker can connect to an affected system and use the credentials for default user account to log in to the affected software and gain access to the administrative console of a DCNM server.
Successful exploitation of the vulnerability results in full access to the device.
Update to version 10.2(1).
Vulnerable software versionsCisco Prime Data Center Network Manager: 10.0.1.1 - 10.1.1.19
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-dcnm2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Security bypass
EUVDB-ID: #VU7008
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-6639
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated attacker to obtain potentially sensitive information or execute arbitrary code on the target system.
The weakness exists in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manager (DCNM) due to the lack of authentication and authorization mechanisms for a debugging tool. A remote attacker can connect to the debugging tool via TCP and access sensitive information about the affected software or execute arbitrary code with root privileges.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
Cisco Prime Data Center Network Manager: 10.1.1 S5 - 10.2.1
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-dcnm1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
