CVE-2021-1250— Cisco Data Center Network Manager Vulnerabilities
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-1250
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Data Center Network Manager Vulnerabilities
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow a remote attacker with network-operator privileges to conduct a cross-site scripting (XSS) attack or a reflected file download (RFD) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
输入验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco Data Center Network Manager 跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Data Center Network Manager(DCNM)是美国思科(Cisco)公司的一套数据中心管理系统。该系统适用于Cisco Nexus和MDS系列交换机,提供存储可视化、配置和故障排除等功能。 Cisco Data Center Network Manager 的 web-based management interface 存在跨站脚本漏洞,该漏洞允许具有网络操作员特权的远程攻击者对该界面的用户实施跨站脚本(XSS)攻击或反映文件下载(RFD)攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Cisco | Cisco Data Center Network Manager | n/a | - |
II. Public POCs for CVE-2021-1250
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-1250
请登录查看更多情报信息。
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-xss-vulns-GuUJ39ghvendor-advisoryx_refsource_CISCO
- https://nvd.nist.gov/vuln/detail/CVE-2021-1250
Same Patch Batch · Cisco · 2021-01-20 · 58 CVEs total
| CVE-2021-1138 | 9.8 CRITICAL | Cisco Smart Software Manager Satellite Web UI Command Injection Vulnerabilities |
| CVE-2021-1139 | 9.8 CRITICAL | Cisco Smart Software Manager Satellite Web UI Command Injection Vulnerabilities |
| CVE-2021-1140 | 9.8 CRITICAL | Cisco Smart Software Manager Satellite Web UI Command Injection Vulnerabilities |
| CVE-2021-1141 | 9.8 CRITICAL | Cisco Smart Software Manager Satellite Web UI Command Injection Vulnerabilities |
| CVE-2021-1142 | 9.8 CRITICAL | Cisco Smart Software Manager Satellite Web UI Command Injection Vulnerabilities |
| CVE-2021-1264 | 9.6 CRITICAL | Cisco DNA Center Command Runner Command Injection Vulnerability |
| CVE-2021-1302 | 8.8 HIGH | Cisco SD-WAN vManage Authorization Bypass Vulnerabilities |
| CVE-2021-1305 | 8.8 HIGH | Cisco SD-WAN vManage Authorization Bypass Vulnerabilities |
| CVE-2021-1272 | 8.8 HIGH | Cisco Data Center Network Manager Server-Side Request Forgery Vulnerability |
| CVE-2021-1248 | 8.8 HIGH | Cisco Data Center Network Manager SQL Injection Vulnerabilities |
| CVE-2021-1247 | 8.8 HIGH | Cisco Data Center Network Manager SQL Injection Vulnerabilities |
| CVE-2021-1304 | 8.8 HIGH | Cisco SD-WAN vManage Authorization Bypass Vulnerabilities |
| CVE-2021-1274 | 8.6 HIGH | Cisco SD-WAN Denial of Service Vulnerabilities |
| CVE-2021-1279 | 8.6 HIGH | Cisco SD-WAN Denial of Service Vulnerabilities |
| CVE-2021-1278 | 8.6 HIGH | Cisco SD-WAN Denial of Service Vulnerabilities |
| CVE-2021-1241 | 8.6 HIGH | Cisco SD-WAN Denial of Service Vulnerabilities |
| CVE-2021-1273 | 8.6 HIGH | Cisco SD-WAN Denial of Service Vulnerabilities |
| CVE-2021-1280 | 7.8 HIGH | Cisco Advanced Malware Protection for Endpoints and Immunet for Windows DLL Hijacking Vuln |
| CVE-2021-1276 | 7.5 HIGH | Cisco Data Center Network Manager Certificate Validation Vulnerabilities |
| CVE-2021-1277 | 7.5 HIGH | Cisco Data Center Network Manager Certificate Validation Vulnerabilities |
Showing top 20 of 58 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Cisco Data Center Network Manager
- CVE-2025-20347
Cisco Nexus Dashboard Fabric Controller Unauthorized REST AP - CVE-2025-20163
Cisco Nexus Dashboard Fabric Controller SSH Host Key Vulnera - CVE-2020-3538
Cisco Data Center Network Manager Path Traversal Vulnerabil - CVE-2020-3539
Cisco Data Center Network Manager Authorization Bypass Vulne - CVE-2024-20536
Cisco Nexus Dashboard Fabric Controller SQL Injection Vulner
Same vendor: Cisco
- CVE-2026-20219
Cisco Slido 安全漏洞 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
Same weakness: CWE-20
V. Comments for CVE-2021-1250
No comments yet