Improper Certificate Validation in Cisco Data Center Network Manager

#VU50062 Improper Certificate Validation in Cisco Data Center Network Manager

Published: 2021-01-20 | Updated: 2021-01-27

Vulnerability identifier: #VU50062

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-1276

CWE-ID: CWE-295

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco Data Center Network Manager
Server applications / Remote management servers, RDP, SSH

Vendor:

Description

The vulnerability allows a remote attacker to modify a specific API request that is used to verify a user's authentication token.

The vulnerability exists due to a lack of validation of the SSL certificate used when establishing a connection to the Device Manager application. A remote attacker can send a specially crafted HTTP request and alter a specific API request.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-cert-check-BdZZV9T3

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Cisco Data Center Network Manager