A vulnerability in the API endpoints for Cisco DNA Center could allow an authenticated, remote attacker to gain access to sensitive information that should be restricted. The attacker must have valid device credentials. This vulnerability is due to improper access controls on API endpoints. An attacker could exploit the vulnerability by sending a specific API request to an affected application. A successful exploit could allow the attacker to obtain sensitive information about other users who are configured with higher privileges on the application.
Metrics
Affected Vendors & Products
References
History
Thu, 07 Nov 2024 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2021-10-06T19:45:11.460777Z
Updated: 2024-11-07T21:51:01.994Z
Reserved: 2021-06-15T00:00:00
Link: CVE-2021-34782
Vulnrichment
Updated: 2024-08-04T00:19:48.191Z
NVD
Status : Modified
Published: 2021-10-06T20:15:18.677
Modified: 2024-11-21T06:11:11.420
Link: CVE-2021-34782
Redhat
No data.