CVE-2015-0666

Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers...

Basic Information

CVE State: PUBLISHED
Reserved Date: January 07, 2015
Published Date: April 03, 2015
Last Updated: November 15, 2024
Vendor: Cisco
Product: Prime Data Center Network Manager
Description: Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241.
Tags

CVSS Scores

CVSS v2.0

7.8

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: partial

Exploit Status

Exploited in the Wild: Yes (2022-03-25 00:00:00 UTC) Source

References

http://www.securitytracker.com/id/1032009 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-dcnm

Known Exploited Vulnerability Information

Source	Added Date
CISA	2022-03-25 00:00:00 UTC

Timeline

CVE ID Reserved

January 07, 2015
CVE Published to Public

April 03, 2015
Added to KEVIntel

March 25, 2022