What is CVE-2019-1621?

CVE-2019-1621 is a high-severity vulnerability in Cisco Data Center Network Manager, classified under CWE-264. CVSS score: 7.5/10. Published 2019-06-27.

How severe is CVE-2019-1621?

High severity. CVSS v3 base score is 7.5 out of 10.

Is CVE-2019-1621 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Cisco Data Center Network Manager

CVE-2019-1621

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to gain access to sensitive files on an affected device. The vulnerability is due to incorrec…

EPSS: 0.594 (98.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Cisco Data Center Network Manager — versions unspecified

Weakness classification (CWE)

CWE-264

Public proof-of-concept exploits

rapid7/metasploit-framework

References

20190626 Cisco Data Center Network Manager Arbitrary File Download Vulnerability (vendor-advisory, x_refsource_CISCO)
108904 (vdb-entry, x_refsource_BID)
20190708 Cisco Data Center Manager multiple vulns; RCE as root (mailing-list, x_refsource_BUGTRAQ)
packetstormsecurity.com/files/153546/Cisco-Data-Center-Network-Manager-11.1-1-R… (x_refsource_MISC)
20190709 Cisco Data Center Manager multiple vulns; RCE as root (mailing-list, x_refsource_FULLDISC)

Frequently asked questions

What is CVE-2019-1621?: CVE-2019-1621 is a high-severity vulnerability in Cisco Data Center Network Manager, classified under CWE-264. CVSS score: 7.5/10. Published 2019-06-27.
How severe is CVE-2019-1621?: High severity. CVSS v3 base score is 7.5 out of 10.
Is CVE-2019-1621 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.