The vulnerability is due to improper handling of authentication tokens by the affected software. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker access to sensitive device information, which includes configuration files.
All 1.3.x versions of Cisco DNA Center software releases prior to 22.214.171.124
Refer to Cisco advisory for the complete list of affected products and their respective patches.