CVE-2015-0666

7.5

CVSS
High

PUBLISHED

Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers...

Exploited in the wild Remote Low complexity No user interaction

Vendor: Cisco
Product: Prime Data Center Network Manager
Published: Apr 03, 2015
EPSS: —

Description

Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241.

cisa edge

CVSS scores

CVSS v3.1 7.5 High

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2.0 7.8

AV:N/AC:L/Au:N/C:C/I:N/A:N

Exploitation status

Exploited in the wild

Recorded 2022-03-25 00:00:00 UTC · Source

SSVC decision points

Exploitation: active
Automatable: Yes
Technical impact: partial

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source	Added
CISA	Mar 25, 2022

Vulnerability detail