Cisco DCNM Informed Customers about Major Vulnerabilities

Cisco, DCNM, Data Center Network Manager, Accenture, iDefense service, Trend Micro’s Zero Day
Cisco DCNM Informed Customers about Major Vulnerabilities

Cisco warned its users about the release of software updates for its Data Center Network Manager product. It has been done to address serious vulnerabilities. Steven Seeley, a researcher from Source Incite, reported about the DCNM sensitivity to Cisco via Accenture’s iDefense service and Trend Micro’s Zero Day initiative.

Cisco released six advisories for twelve vulnerabilities that affected the network management solution and was rated three as critical and seven as high severity. The vulnerability could allow attackers to bypass authentication and carry out actions with control on the targeted device. The loopholes were tracked as CVE-2019-15975, CVE-2019-15976, and CVE-2019-15977. The problems occurred because of risky credentials and static encryption keys.

Source: https://www.securityweek.com/cisco-dcnm-users-warned-serious-vulnerabilities