CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-0448

A vulnerability in the identity management service of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and take complete control of identity management functions. The vulnerability is due to insufficient security restrictions for critical management functions. An attacker could exploit this vulnerability by sending a valid identity management request to the affected system. An exploit could allow the attacker to view and make unauthorized modifications to existing system users as well as create new users.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.2%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2018-0448

Cisco » Digital Network Architecture Center » Version: N/A

cpe:2.3:a:cisco:digital_network_architecture_center:-
Cisco » Digital Network Architecture Center » Version: 1.1

cpe:2.3:a:cisco:digital_network_architecture_center:1.1
Cisco » Digital Network Architecture Center » Version: 1.1.1

cpe:2.3:a:cisco:digital_network_architecture_center:1.1.1
Cisco » Digital Network Architecture Center » Version: 1.1.2

cpe:2.3:a:cisco:digital_network_architecture_center:1.1.2
Cisco » Digital Network Architecture Center » Version: 1.1.3

cpe:2.3:a:cisco:digital_network_architecture_center:1.1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-0448

Products

Pricing

Contact Us