Cisco has patched two critical vulnerabilities that affects its Data Center Network Manager (DCNM) product. Both are rated very high CVSS score of 9.8 and could be exploited without authentication.
The first “authentication bypass” vulnerability CVE-2019-1619 impacts the web-based management interface of Cisco Data Center Network Manager (DCNM). If left unpatched, an unauthenticated remote attacker could bypass authentication and execute arbitrary code with admin privileges.
“An attacker may obtain a valid session cookie without knowing the administrative user password by sending a specially crafted HTTP request to a specific web servlet that is available on affected devices,” Cisco stated in the security advisory.
Cisco also added that the vulnerability is caused by an improper session management on affected DCNM software.
In addition, Cisco patched a second “file upload and remote code execution” critical vulnerability CVE-2019-1620 in DCNM software. In this case, a remote unauthenticated attacker could upload arbitrary files on an affected device.
“An attacker may achieve creation of arbitrary files on the underlying DCNM filesystem by sending specially crafted data to a specific web servlet that is available on affected devices,” Cisco added.
Cisco also confirmed the vulnerability is due to incorrect permission settings in affected DCNM software.
Network administrators should apply the software updates to address the vulnerabilities described in the Cisco advisories.