CVE-2020-3386

Name of the Vulnerable Software and Affected Versions Cisco Data Center Network Manager (DCNM) (affected versions not specified)

Description The issue is related to insufficient authorization of certain API functions in the REST API endpoint, allowing an authenticated, remote attacker with low-privileged credentials to bypass authorization and potentially perform arbitrary actions with administrative privileges. This can be achieved by sending a crafted request to the API. The vulnerability is associated with weaknesses in the authorization mechanism of the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.