CVE-2019-15984

Name of the Vulnerable Software and Affected Versions Cisco Data Center Network Manager (affected versions not specified)

Description The issue is related to multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager, which could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DCNM application. The vulnerabilities are associated with errors in input data validation, potentially allowing an attacker to gain unauthorized access to protected information, impact data integrity, or execute arbitrary commands in the underlying operating system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.