The bug could allow unauthenticated attackers to steal sensitive information from vulnerable devices
Cisco has released security patches to address multiple critical security vulnerabilities impacting its Data Center Network Manager (DCNM) and SD-WAN software products.
The most notable among these flaws are three critical authentication bypass, authorisation bypass and buffer overflow bugs, which could allow a remote, unauthenticated attacker to steal sensitive information from affected devices.
CVE-2020-3382, which received a CVSS base score of 9.8 out of 10, is an authentication bypass bug existing in the REST API of Cisco DCNM, which could enable a remote attacker to run arbitrary commands on a vulnerable device, with administrative rights. ...
Support the originator by clicking the read the rest link below.
