Описание
A vulnerability in the configuration restore feature of Cisco Nexus Data Broker software could allow an unauthenticated, remote attacker to perform a directory traversal attack on an affected device. The vulnerability is due to insufficient validation of configuration backup files. An attacker could exploit this vulnerability by persuading an administrator to restore a crafted configuration backup file. A successful exploit could allow the attacker to overwrite arbitrary files that are accessible through the affected software on an affected device.
Уязвимые конфигурации
EPSS
5.4 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
Связанные уязвимости
A vulnerability in the configuration restore feature of Cisco Nexus Data Broker software could allow an unauthenticated, remote attacker to perform a directory traversal attack on an affected device. The vulnerability is due to insufficient validation of configuration backup files. An attacker could exploit this vulnerability by persuading an administrator to restore a crafted configuration backup file. A successful exploit could allow the attacker to overwrite arbitrary files that are accessible through the affected software on an affected device.
Уязвимость функции конфигурации посредника обработки данных Cisco Nexus Data Broker, позволяющая нарушителю перезаписать произвольные файлы
EPSS
5.4 Medium
CVSS3
5.8 Medium
CVSS2