Auto-merge PR#2989

2025-08-04 08:44:25 +00:00 · 2020-01-06 02:40:23 -05:00 · 2020-01-06 02:40:23 -05:00 · 3118bda314
commit 3118bda314
parent a7adbc9075 0c8383f423
1 changed files with 89 additions and 0 deletions
--- a/2019/15xxx/CVE-2019-15976.json
+++ b/2019/15xxx/CVE-2019-15976.json
@ -0,0 +1,89 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "psirt@cisco.com",
+        "DATE_PUBLIC": "2020-01-02T16:00:00-0800",
+        "ID": "CVE-2019-15976",
+        "STATE": "PUBLIC",
+        "TITLE": "Cisco Data Center Network Manager Authentication Bypass Vulnerabilities"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Cisco Data Center Network Manager ",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "affected": "<",
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "Cisco"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. "
+            }
+        ]
+    },
+    "exploit": [
+        {
+            "lang": "eng",
+            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. "
+        }
+    ],
+    "impact": {
+        "cvss": {
+            "baseScore": "9.8",
+            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H ",
+            "version": "3.0"
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-798"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "name": "20200102 Cisco Data Center Network Manager Authentication Bypass Vulnerabilities",
+                "refsource": "CISCO",
+                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-auth-bypass"
+            }
+        ]
+    },
+    "source": {
+        "advisory": "cisco-sa-20200102-dcnm-auth-bypass",
+        "defect": [
+            [
+                "CSCvq85945",
+                "CSCvq89859",
+                "CSCvq89898"
+            ]
+        ],
+        "discovery": "INTERNAL"
+    }
+}