Cisco Digital Network Architecture (DNA) Center Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

Summary

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to view sensitive information in clear text. The vulnerability is due to insecure storage of certain unencrypted credentials on an affected device.

Credit:

The information has been provided by Vendor

The original article can be found at:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-info-disc-6xsCyDYy


Details

An attacker could exploit this vulnerability by viewing the network device configuration and obtaining credentials that they may not normally have access to. A successful exploit could allow the attacker to use those credentials to discover and manage network devices.

 

Vulnerable Systems:

Cisco Digital Network Architecture (DNA) Center

 

CVE Information:

CVE-2020-3391

 

Disclosure Timeline:
Published Date:7/2/2020

Categories: FeaturedNews