Описание
A vulnerability in a specific REST API of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attacker with a low-privileged account could exploit this vulnerability by sending a crafted request to the API. A successful exploit could allow the attacker to read arbitrary files on the affected system.
Уязвимые конфигурации
EPSS
5.3 Medium
CVSS3
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
Связанные уязвимости
A vulnerability in a specific REST API of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attacker with a low-privileged account could exploit this vulnerability by sending a crafted request to the API. A successful exploit could allow the attacker to read arbitrary files on the affected system.
Уязвимость реализации интерфейса REST API системы сетевого управления центром обработки данных Cisco Data Center Network Manager (DCNM), позволяющая нарушителю получить доступ к защищаемой информации
EPSS
5.3 Medium
CVSS3
6.5 Medium
CVSS3
4 Medium
CVSS2