Cisco Data Center Network Manager Multiple Remote Security Vulnerabilities

Cisco Data Center Network Manager is prone to multiple remote security vulnerabilities because it fails to properly sanitize user-supplied input.

Successful exploits will allow attackers to execute arbitrary code within the context of the affected system, manipulate and spoof content, insert a crafted HTTP header into an HTTP response to cause a web page redirection to a possible malicious website, and/or to execute arbitrary HTML or script code in the browser of an unsuspecting user in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; this may aid in launching further attacks.

These issues are being tracked by Cisco Bug ID's CSCvf40477, CSCvf63150, CSCvf68218, CSCvf68235 and CSCvf68247.


 

Privacy Statement
Copyright 2010, SecurityFocus