CVE-2020-3521

Name of the Vulnerable Software and Affected Versions Cisco Data Center Network Manager (DCNM) Software (affected versions not specified)

Description The issue is related to a vulnerability in the REST API of Cisco Data Center Network Manager (DCNM) Software, which could allow an authenticated, remote attacker to conduct directory traversal attacks. This is due to insufficient validation of user-supplied input to the API. An attacker with a low-privileged account could exploit this by sending a crafted request to the API, potentially allowing them to read arbitrary files on the affected system. The vulnerability may also enable a remote attacker to access protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.