You are here
Home > Preporuke > Ranjivosti Cisco Data Center Network Manager proizvoda

Ranjivosti Cisco Data Center Network Manager proizvoda

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2020-January-02.

The following PSIRT security advisories (1 Critical, 3 High, 1 Medium) were published at 16:00 UTC today.

Table of Contents:

1) Cisco Data Center Network Manager Authentication Bypass Vulnerabilities – SIR: Critical

2) Cisco Data Center Network Manager SQL Injection Vulnerabilities – SIR: High

3) Cisco Data Center Network Manager Path Traversal Vulnerabilities – SIR: High

4) Cisco Data Center Network Manager Command Injection Vulnerabilities – SIR: High

5) Cisco Data Center Network Manager XML External Entity Read Access Vulnerability – SIR: Medium

+——————————————————————–

1) Cisco Data Center Network Manager Authentication Bypass Vulnerabilities

CVE-2019-15975, CVE-2019-15976, CVE-2019-15977

SIR: Critical

CVSS Score v(3.0): 9.8

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-auth-bypass [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-auth-bypass”]

+——————————————————————–

2) Cisco Data Center Network Manager SQL Injection Vulnerabilities

CVE-2019-15984, CVE-2019-15985

SIR: High

CVSS Score v(3.0): 7.2

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-sql-inject [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-sql-inject”]

+——————————————————————–

3) Cisco Data Center Network Manager Path Traversal Vulnerabilities

CVE-2019-15980, CVE-2019-15981, CVE-2019-15982

SIR: High

CVSS Score v(3.0): 7.2

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-path-trav [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-path-trav”]

+——————————————————————–

4) Cisco Data Center Network Manager Command Injection Vulnerabilities

CVE-2019-15978, CVE-2019-15979

SIR: High

CVSS Score v(3.0): 7.2

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-comm-inject [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-comm-inject”]

+——————————————————————–

5) Cisco Data Center Network Manager XML External Entity Read Access Vulnerability

CVE-2019-15983

SIR: Medium

CVSS Score v(3.0): 4.9

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-xml-ext-entity [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-xml-ext-entity”]

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJeDhUmXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfczuQsP/j/qYCVFWpGTWPe951X/qLscyymA
HQc/vq5bXOPioRmREpYXEfPAs3EGLAkJMwBploNixTpqeTAFh2d9yHxZSfCK8TjI
Gt7E3xuwBwwyaiGKEKetnNbXG35gsIEEdaHe4bYlf1jAld91No+IZ0o5+xWIp0YQ
h5FqzqxgZJDAmNidFIkOnoQx6YW7k9Z6vmtDwh/rK/Fy0Nes0CcOMFIVh29c4OnN
f7DdCYHzKaLwY8UUu9ykNltlDBlbyH6MXFrY0KjjLvBGcMETyFKVHu3/AJ6bZauS
Wuk40xyAqkjOPueqa5t+Nch0Ba1Hs9FMxDF8MNcEfv7UeZngdeIF6m27Q2tAhMg3
ba/mjBQVA7ec0LG/kjHgj9HqAbnFnf8mDd9GaMWyjbadLgOnlnqv2PijiWMbepo7
k2ZFWF123eaMlb0/pBNobiCaz2aKDoGudooEU/0xQuZ8t59IHVp2ZP7do5U1hvnb
YjKub4UOmw5FOiajnIGhU/L0ZA95qSNLshWR4Z0fRnoFnEZgrdDaMbnyAZ0vGWAd
wGl9y5Om4YxcE5gCD9TUnDHDzOPO8qe5MV/vk5HZvLxDVzapp1l2VuCQIrUXqJCT
yUK0dLxLg2R7Pr4eoBU67/WCTCk0i8TGe0YlKVwjvu9BCtdrGjBF1zdC+mxAH9YF
fctQ2pf+cWotpmrD
=l57u
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa java-1.8.0-ibm

Otkriveni su sigurnosni nedostaci u programskom paketu java-1.8.0-ibm za operacijski sustav Red Hat. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS...

Close