Cisco is warning of several critical and high-severity flaws in its Data Center Network Manager (DCNM) for managing network platforms and switches. The flaws exist in the REST API of DCNM and the most serious of these could allow an unauthenticated, remote attacker to bypass authentication, and ultimately execute arbitrary actions with administrative privileges on a vulnerable device. The critical flaw (CVE-2020-3382) rates 9.8 out of 10 on the CVSS scale, making it critical in severity.
Source: https://threatpost.com/critical-high-severity-cisco-flaws-fixed-data-center-network-manager/157861/