Описание
Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) could allow an attacker to spoof a trusted host or construct a man-in-the-middle attack to extract sensitive information or alter certain API requests. These vulnerabilities are due to insufficient certificate validation when establishing HTTPS requests with the affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Уязвимые конфигурации
EPSS
7.5 High
CVSS3
6.5 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
Связанные уязвимости
Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) could allow an attacker to spoof a trusted host or construct a man-in-the-middle attack to extract sensitive information or alter certain API requests. These vulnerabilities are due to insufficient certificate validation when establishing HTTPS requests with the affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Уязвимость системы сетевого управления центром обработки данных Cisco Data Center Network Manager (DCNM), связанная с ошибками процедуры подтверждения подлинности сертификата, позволяющая нарушителю оказать воздействие на целостность данных
EPSS
7.5 High
CVSS3
6.5 Medium
CVSS3
5.8 Medium
CVSS2