Strike ID:
E19-0ryc1
CVSS:
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
False Positive:
t
Variants:
1
Year:
2019

Description

This strike exploits a path traversal vulnerability found in Cisco Data Center Network Manager DCNM. The vulnerability is due to incorrect permission settings in affected DCNM software. An unauthenticated attacker could exploit this vulnerability by uploading a malicious file to the administrative web interface. A successful exploit could allow the attacker to write arbitrary files on the filesystem and execute code with root privileges on the affected device.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}