Cisco.Prime.DCNM.fileUpload.Arbitrary.File.Upload

description-logoDescription

This indicates an attack attempt to exploit an Arbitrary File Upload Vulnerability in Cisco Systems Prime Data Center Network Manager (DCNM).
A remote unauthenticated attacker could exploit this vulnerability by uploading and accessing a specially crafted JSP or any other executable files such as WAR files, which can lead to arbitrary code execution with System privileges. Note that on versions of the product prior to 11.1.1, authentication is required to exploit the vulnerability but it can be bypassed via CVE-2019-1619.

affected-products-logoAffected Products

Cisco Systems Prime Data Center Network Manager (DCNM) prior to 11.2(1)

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190626-dcnm-codex

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-08-16 14.671 Default_action:pass:drop
2019-07-18 14.653
2019-07-18 14.652
2019-07-18 14.651