CVE-2019-15999

Name of the Vulnerable Software and Affected Versions Cisco Data Center Network Manager (DCNM) (affected versions not specified)

Description The issue is related to an incorrect configuration of authentication settings on the JBoss Enterprise Application Platform (JBoss EAP) within the Cisco Data Center Network Manager (DCNM) application environment. This could allow an authenticated, remote attacker to gain unauthorized access to the JBoss EAP by exploiting the vulnerability using a specific low-privilege account. A successful exploit could result in the attacker gaining unauthorized access to the JBoss EAP, which should be limited to internal system accounts.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.