CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-3377

A vulnerability in the Device Manager application of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to inject arbitrary commands on the affected device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted arguments to a specific field within the application. A successful exploit could allow the attacker to run commands as the administrator on the DCNM.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.3%

CVSS Severity

CVSS v3 Score 6.3

CVSS v2 Score 6.5

References

Products affected by CVE-2020-3377

Cisco » Data Center Network Manager » Version: 11.0(1)

cpe:2.3:a:cisco:data_center_network_manager:11.0(1)
Cisco » Data Center Network Manager » Version: 11.1(1)

cpe:2.3:a:cisco:data_center_network_manager:11.1(1)
Cisco » Data Center Network Manager » Version: 11.2(1)

cpe:2.3:a:cisco:data_center_network_manager:11.2(1)
Cisco » Data Center Network Manager » Version: 11.3(1)

cpe:2.3:a:cisco:data_center_network_manager:11.3(1)

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-3377

Products

Pricing

Contact Us