|CVSS SCORE||9.8, (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)|
Data Center Network Manager
This vulnerability allows remote attackers to bypass authentication on affected installations of Cisco Data Center Network Manager.
The specific flaw exists within the processing of the dbadmin/addUser functionality. The issue results from trusting input that has been encrypted with a hard-coded and discoverable cryptographic key. An attacker can leverage this vulnerability to add new global admins to the system.
Cisco has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||Steven Seeley (mr_me) of Source Incite