What is CVE-2020-3382?

CVE-2020-3382 is a critical-severity vulnerability in Cisco Data Center Network Manager, classified under Use of Hard-coded Credentials. CVSS score: 9.8/10. Published 2020-07-31.

How severe is CVE-2020-3382?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Vulnerability in Cisco Data Center Network Manager

CVE-2020-3382

A vulnerability in the REST API of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vu…

EPSS: 0.101 (93.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Cisco Data Center Network Manager — versions n/a

Weakness classification (CWE)

CWE-798 — Use of Hard-coded Credentials

References

20200729 Cisco Data Center Network Manager Authentication Bypass Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2020-3382?: CVE-2020-3382 is a critical-severity vulnerability in Cisco Data Center Network Manager, classified under Use of Hard-coded Credentials. CVSS score: 9.8/10. Published 2020-07-31.
How severe is CVE-2020-3382?: Critical severity. CVSS v3 base score is 9.8 out of 10.