← Retour aux CVEs

CVE-2018-15386

CRITICAL

9.8

Description

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and have direct unauthorized access to critical management functions. The vulnerability is due to an insecure default configuration of the affected system. An attacker could exploit this vulnerability by directly connecting to the exposed services. An exploit could allow the attacker to retrieve and modify critical system files.

Details CVE

Score CVSS v3.19.8

SeveriteCRITICAL

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurNONE

Publie10/5/2018

Derniere modification11/21/2024

Sourcenvd

Observations honeypot0

Produits affectes

cisco:digital_network_architecture_center

Faiblesses (CWE)

CWE-16

References

http://www.securityfocus.com/bid/105504(psirt@cisco.com)

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-dna-unauth-access(psirt@cisco.com)

http://www.securityfocus.com/bid/105504(af854a3a-2127-422b-91ae-364da2661108)

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-dna-unauth-access(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.