CVE-2020-3539

Name of the Vulnerable Software and Affected Versions Cisco Data Center Network Manager (DCNM) (affected versions not specified)

Description A vulnerability in the web-based management interface could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. This is due to a failure to limit access to resources intended for users with Administrator privileges. An attacker could exploit this by convincing a user to click a malicious URL, potentially allowing a low-privileged attacker to list, view, create, edit, and delete templates as if they had Administrator privileges.

Recommendations For all affected versions of Cisco Data Center Network Manager (DCNM), update to the latest software version that addresses this vulnerability. At the moment, there is no information about specific workarounds that address this vulnerability.