Cisco disclosed several vulnerabilities in its Data Center Network Manager (DCNM), including “critical” and “high severity. issues”
Cisco informed its customers about the presence of multiple security vulnerabilities in the web-based interface of the DCNM data center network management platform, including two critical security holes. The first critical issue tracked as CVE-2019-1620 that could be exploited by a remote, unauthenticated attacker to upload arbitrary files to the vulnerable device and execute code with root privileges.
“A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to upload arbitrary files on an affected device.” reads the security advisory.
“The vulnerability is due to incorrect permission settings in affected DCNM software. An attacker could exploit this vulnerability by uploading specially crafted data to the affected device. A successful exploit could allow the attacker to write arbitrary files on the filesystem and execute code with root privileges on the affected device.”
The second critical issue, tracked as CVE-2019-1619, could be exploited by a remote attacker to bypass authentication and perform arbitrary activities on the vulnerable devices with admin privileges. The flaw could be exploited by sending a specially crafted HTTP request to the affected device.
“A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device.” reads the security advisory.
“The vulnerability is due to improper session management on affected DCNM software. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to gain administrative access on the affected device.”
Cisco also addressed a DCNM issue, tracked as CVE-2019-1621, that could be exploited by a remote attacker to gain access to sensitive files and download them. An unauthenticated attacker could exploit the vulnerability by simply requesting specific URLs.
Another issue addressed by Cisco in the DCNM is a medium ‘severity’ information disclosure issue that could be exploited by an unauthenticated attacker to obtain log files and diagnostic information from the vulnerable device. Finally, Cisco fixed three other serious flaws.
All of these vulnerabilities were discovered the security researcher Pedro Ribeiro through the iDefense Vulnerability Contributor Program. The good news is that Cisco is not aware of attacks in the wild exploiting the flaws.
Source: https://securityaffairs.co/wordpress/87672/security/cisco-data-center-network-manager-flaws.html