Multiple vulnerabilities in Cisco Prime Data Center Network Manager



Published: 2018-03-09
Risk Low
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2018-0210
CVE-2018-0144
CWE-ID CWE-352
CWE-79
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		Cisco Prime Data Center Network Manager
Server applications / Remote management servers, RDP, SSH

Vendor Cisco Systems, Inc

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Cross-site request forgery

EUVDB-ID: #VU10891

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-0210

CWE-ID: CWE-352 - Cross-Site Request Forgery (CSRF)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform CSRF attack.

The weakness exists due to insufficient CSRF protections on the web-based management interface. A remote attacker can create a specially crafted HTML page or URL, trick the victim into visiting it, gain access to the system and perform arbitrary actions.

Mitigation

Update to version 11.0(0.327)S0.

Vulnerable software versions

Cisco Prime Data Center Network Manager: 10.4.2 - 10.4.2

Cisco Prime Data Center Network Manager: 10.4.1.128 - 10.4.1.128

CPE2.3 External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-dcnm


Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

2) Cross-site scripting

EUVDB-ID: #VU10892

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-0144

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists in the web-based management interface due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Update to version 10.4(1.128)S0, 10.4(1.128), 10.4(1.125)S0 or 10.4(1.125).

Vulnerable software versions

Cisco Prime Data Center Network Manager: 10.4.1.109 - 10.4.1.109

CPE2.3 External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-pdcnm


Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###