Multiple Remote Code Execution and Cross-Site Scripting Vulnerabilities in Cisco Data Center Network Manager (DCNM) Software

Multiple Remote Code Execution and Cross-Site Scripting Vulnerabilities in Cisco Data Center Network Manager (DCNM) Software

CVE-2017-12347 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting (XSS) attack against a user of the affected software. Cisco Bug IDs: CSCvf40477, CSCvf63150, CSCvf68218, CSCvf68235, CSCvf68247.

Learn more about our Cis Benchmark Audit For Cisco.