Description
Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary text files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCud80148.
References (3)
Core 3
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-dcnm
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/87191
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/62485
Scores
EPSS
0.0171
EPSS Percentile
74.5%
Details
CWE
CWE-200
Status
published
Products (19)
cisco/prime_data_center_network_manager
5.2\(2e\)
cisco/prime_data_center_network_manager
6.1\(1a\)
cisco/prime_data_center_network_manager
4.1\(2\)
cisco/prime_data_center_network_manager
4.1\(3\)
cisco/prime_data_center_network_manager
4.1\(4\)
cisco/prime_data_center_network_manager
4.1\(5\)
cisco/prime_data_center_network_manager
4.2\(1\)
cisco/prime_data_center_network_manager
4.2\(3\)
cisco/prime_data_center_network_manager
5.0\(2\)
cisco/prime_data_center_network_manager
5.0\(3\)
... and 9 more
Published
Sep 23, 2013
Tracked Since
Feb 18, 2026