Lucene search
HistoryMar 21, 2014 - 2:55 p.m.
CVE-2014-2276
cve-2014-2276
fileuploadcontroller
emc connectrix manager
converged network edition
cmcne
remote attackers
sensitive information
6.3 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.946 High
EPSS
Percentile
99.2%
The FileUploadController servlet in EMC Connectrix Manager Converged Network Edition (CMCNE) before 12.1.5 does not properly restrict additions to the Connectrix Manager repository, which allows remote attackers to obtain sensitive information by importing a crafted firmware file.
| CPE | Name | Operator | Version |
|---|---|---|---|
| emc:connectrix_manager | emc connectrix manager | le | 12.1.2 |
Related
prion
prion
Design/Logic Flaw
2014-03-21 14:55:00
seebug
seebug
EMC Connectrix Manager Converged Network Edition θΏη¨δΏ‘ζ―ζ³ι²ζΌζ΄
2014-03-21 00:00:00
zdi
zdi
securityvulns
securityvulns
ESA-2014-018: EMC Connectrix Manager Converged Network Edition Information Disclosure Vulnerability
2014-03-24 00:00:00
EMC Connectrix Manager information leakage
2014-03-24 00:00:00
checkpoint_advisories
checkpoint_advisories
EMC CMCNE FileUploadController Information Disclosure (CVE-2014-2276)
2014-04-02 00:00:00
cvelist
cvelist
CVE-2014-2276
2014-03-21 14:00:00
6.3 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.946 High
EPSS
Percentile
99.2%
Related for CVE-2014-2276