Cisco Bug: CSCvu50150 - Authorization bypass vulnerability on DCNM
Jul 21, 2020
- Cisco Data Center Network Manager
Known Affected Releases
Symptom: A malicious user that has non-admin privileges on the web ui can access the log details that are meant for administrators only. This gives the malicious user the ability to list all of the logs available and to read the individual logs. Conditions: Vulnerability is not dependent on device configuration.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases