Описание
A vulnerability in Cisco Data Center Network Manager software could allow an authenticated, remote attacker to conduct directory traversal attacks and gain access to sensitive files on the targeted system. The vulnerability is due to improper validation of user requests within the management interface. An attacker could exploit this vulnerability by sending malicious requests containing directory traversal character sequences within the management interface. An exploit could allow the attacker to view or create arbitrary files on the targeted system.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- ExploitThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
8.1 High
CVSS3
5.5 Medium
CVSS2
Дефекты
Связанные уязвимости
A vulnerability in Cisco Data Center Network Manager software could allow an authenticated, remote attacker to conduct directory traversal attacks and gain access to sensitive files on the targeted system. The vulnerability is due to improper validation of user requests within the management interface. An attacker could exploit this vulnerability by sending malicious requests containing directory traversal character sequences within the management interface. An exploit could allow the attacker to view or create arbitrary files on the targeted system.
Уязвимость системы сетевого управления центром обработки данных Cisco Data Center Network Manager, связанная с ошибками проверки пользовательских запросов в интерфейсе управления, позволяющая нарушителю раскрыть или модифицировать защищаемую информацию
EPSS
8.1 High
CVSS3
5.5 Medium
CVSS2