CVE-2021-1135

MEDIUM

Cisco DCNM - Info Disclosure

Title source: llm

Description

Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory.

References (1)

[Vendor Advisory] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-api-path-TpTApx2p

Scores

CVSS v3 4.6

EPSS 0.0017

EPSS Percentile 37.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Classification

CWE

CWE-184

Status published

Affected Products (1)

cisco/data_center_network_manager < 11.4\(1\)

Timeline

Published Jan 20, 2021

Tracked Since Feb 18, 2026