CVE-2013-5490

Published: Sep 23, 2013Modified: Apr 29, 2026

7.8

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Exploitability: 10.0 / Impact: 6.9

Source: NVD

Description

Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary text files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCud80148.

Affected (19)

Products: Cisco: Prime Data Center Network Manager

Cisco

1 product

Prime Data Center Network Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Prime Data Center Network Manager	Up to 6.1\(1b\)

Configuration B

18 vulnerable

Vulnerable Software	Affected Versions
Cisco Prime Data Center Network Manager	Version 4.1(2)
Cisco Prime Data Center Network Manager	Version 4.1(3)
Cisco Prime Data Center Network Manager	Version 4.1(4)
Cisco Prime Data Center Network Manager	Version 4.1(5)
Cisco Prime Data Center Network Manager	Version 4.2(1)
Cisco Prime Data Center Network Manager	Version 4.2(3)
Cisco Prime Data Center Network Manager	Version 5.0(2)
Cisco Prime Data Center Network Manager	Version 5.0(3)
Cisco Prime Data Center Network Manager	Version 5.1(1)
Cisco Prime Data Center Network Manager	Version 5.1(2)
Cisco Prime Data Center Network Manager	Version 5.1(3u)
Cisco Prime Data Center Network Manager	Version 5.2(2)
Cisco Prime Data Center Network Manager	Version 5.2(2a)
Cisco Prime Data Center Network Manager	Version 5.2(2b)
Cisco Prime Data Center Network Manager	Version 5.2(2c)
Cisco Prime Data Center Network Manager	Version 5.2(2e)
Cisco Prime Data Center Network Manager	Version 6.1(1a)
Cisco Prime Data Center Network Manager	Version 6.1(1b)