Cisco Releases Security Updates

Original release date: January 7, 2020

Cisco has released security updates to address multiple vulnerabilities in Data Center Network Manager (DCNM). A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories webpage.
 
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories and apply the necessary updates:

• Cisco Data Center Network Manager Authentication Bypass Vulnerabilities
• Cisco Data Center Network Manager SQL Injection Vulnerabilities
• Cisco Data Center Network Manager Path Traversal Vulnerabilities
• Cisco Data Center Network Manager Command Injection Vulnerabilities

Source link