PT-2018-1857 · Cisco · Cisco Digital Network Architecture (Dna) Center

Published

2018-10-03

Updated

2020-08-13

CVE-2018-15386

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Cisco Digital Network Architecture (DNA) Center (affected versions not specified)

Description A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and have direct unauthorized access to critical management functions. The issue is due to an insecure default configuration of the affected system. An attacker could exploit this by directly connecting to the exposed services, potentially allowing them to retrieve and modify critical system files.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-16

Related Identifiers

BDU:2018-01459

CVE-2018-15386

Affected Products

Cisco Digital Network Architecture (Dna) Center

PT-2018-1857 · Cisco · Cisco Digital Network Architecture (Dna) Center

CVE-2018-15386

Weakness Enumeration

Related Identifiers

Affected Products

References · 5