CVE-2019-15999

MEDIUM

Cisco Data Center Network Manager < 11.3(1) - Authenticated Unauthorized Access to JBoss EAP

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-15999. PoCs published by hantwister.

AI-analyzed exploit summary This exploit leverages JNDI to connect to a vulnerable Cisco DCNM JBoss server and retrieves server properties, including encrypted credentials, which are then decrypted using JBoss_4_2Encrypter. It targets a credential leakage vulnerability in Cisco DCNM.

Description

A vulnerability in the application environment of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to gain unauthorized access to the JBoss Enterprise Application Platform (JBoss EAP) on an affected device. The vulnerability is due to an incorrect configuration of the authentication settings on the JBoss EAP. An attacker could exploit this vulnerability by authenticating with a specific low-privilege account. A successful exploit could allow the attacker to gain unauthorized access to the JBoss EAP, which should be limited to internal system accounts.

Exploits (1)

exploitdb WORKING POC

by hantwister · textremotejava

https://www.exploit-db.com/exploits/47885

View Code ZIP pw:eip

This exploit leverages JNDI to connect to a vulnerable Cisco DCNM JBoss server and retrieves server properties, including encrypted credentials, which are then decrypted using JBoss_4_2Encrypter. It targets a credential leakage vulnerability in Cisco DCNM.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Cisco DCNM JBoss 10.4(2)

Auth required

Prerequisites: Access to Cisco DCNM JBoss server · Valid admin credentials (default: admin/nbv_12345) · Required .jar files from Cisco DCNM

MITRE ATT&CK

T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-unauth-access

Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/155870/Cisco-DCNM-JBoss-10.4-Credential-Leakage.html

Scores

CVSS v3 6.3

EPSS 0.0365

EPSS Percentile 88.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-284

Status published

Products (1)

cisco/data_center_network_manager < 11.3\(1\)

Published Jan 06, 2020

Tracked Since Feb 18, 2026