CVE-2020-3382

CVE-2020-3382

A vulnerability in the REST API of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability exists because different installations share a static encryption key. An attacker could exploit this vulnerability by using the static key to craft a valid session token. A successful exploit could allow the attacker to perform arbitrary actions through the REST API with administrative privileges.

Source: CVE-2020-3382

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다