Adding Cisco CVE-2019-15975

2025-08-04 08:44:25 +00:00 · 2020-01-06 07:37:44 +00:00 · 2020-01-06 07:37:44 +00:00 · ab26330cad
commit ab26330cad
parent a7adbc9075
1 changed files with 89 additions and 0 deletions
--- a/2019/15xxx/CVE-2019-15975.json
+++ b/2019/15xxx/CVE-2019-15975.json
@ -0,0 +1,89 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "psirt@cisco.com",
+        "DATE_PUBLIC": "2020-01-02T16:00:00-0800",
+        "ID": "CVE-2019-15975",
+        "STATE": "PUBLIC",
+        "TITLE": "Cisco Data Center Network Manager Authentication Bypass Vulnerabilities"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Cisco Data Center Network Manager ",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "affected": "<",
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "Cisco"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. "
+            }
+        ]
+    },
+    "exploit": [
+        {
+            "lang": "eng",
+            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. "
+        }
+    ],
+    "impact": {
+        "cvss": {
+            "baseScore": "9.8",
+            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H ",
+            "version": "3.0"
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-798"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "name": "20200102 Cisco Data Center Network Manager Authentication Bypass Vulnerabilities",
+                "refsource": "CISCO",
+                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-auth-bypass"
+            }
+        ]
+    },
+    "source": {
+        "advisory": "cisco-sa-20200102-dcnm-auth-bypass",
+        "defect": [
+            [
+                "CSCvq85945",
+                "CSCvq89859",
+                "CSCvq89898"
+            ]
+        ],
+        "discovery": "INTERNAL"
+    }
+}