CERT mailing list archives
Cisco Releases Security Advisory for Cisco Prime Data Center Network Manager (DCNM)
From: "US-CERT" <US-CERT () ncas us-cert gov>
Date: Mon, 23 Sep 2013 10:18:04 -0500
NCCIC / US-CERT National Cyber Awareness System: Cisco Releases Security Advisory for Cisco Prime Data Center Network Manager (DCNM) [ https://www.us-cert.gov/ncas/current-activity/2013/09/22/Cisco-Releases-Security-Advisory-Cisco-Prime-Data-Center-Network ] 09/22/2013 02:57 PM EDT Original release date: September 22, 2013 | Last revised: September 23, 2013 Cisco has released three security advisories to address multiple vulnerabilities affecting various components of Cisco Prime Data Center Network Manager (DCNM). These vulnerabilities may allow an unauthenticated, remote attacker to disclose file components and access text files on an affected device. These vulnerabilities can be exploited independently on the same device; however, a release that is affected by one of the vulnerabilities may not be affected by the others. Cisco has released software updates to address the following vulnerabilities: * Cisco Prime DCNM Information Disclosure Vulnerability [ http://tools.cisco.com/security/center/viewAlert.x?alertId=30756 ] * Cisco Prime DCNM Remote Command Execution Vulnerabilities [ http://tools.cisco.com/security/center/viewAlert.x?alertId=30757 ] * Cisco Prime DCNM XML External Entity Injection Vulnerability [ http://tools.cisco.com/security/center/viewAlert.x?alertId=30758 ] US-CERT encourages users and administrators to review the following Cisco Security Advisory [ http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-dcnm ] and apply any necessary updates to help mitigate the risk. ________________________________________________________________________ This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy & Use [ http://www.us-cert.gov/privacy/ ] policy. ________________________________________________________________________ OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ http://www.us-cert.gov/related-resources ] STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]
Current thread:
- Cisco Releases Security Advisory for Cisco Prime Data Center Network Manager (DCNM) US-CERT (Sep 23)