Cisco has released security updates to address vulnerabilities in Cisco Data Center Network Manager (DCNM). A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following advisories and apply the necessary updates:
- DCNM Arbitrary File Upload and Remote Code Execution Vulnerability cisco-sa-20190626-dcnm-codex
- DCNM Authentication Bypass Vulnerability cisco-sa-20190626-dcnm-bypass
- DCNM Arbitrary File Download Vulnerability cisco-sa-20190626-dcnm-file-dwnld
- DCNM Information Disclosure Vulnerability cisco-sa-20190626-dcnm-infodiscl