Lucene search

CVE-2019-15980

🗓️ 06 Jan 2020 08:11:15Reported by ciscoType

cve🔗 web.nvd.nist.gov👁 40 Views🌐 WEB

Vulnerabilities in Cisco DCNM allow directory traversal attacks. Admin privileges required.

Reporter	Title	Published	Views	Family All 18
Zero Day Initiative	Cisco Data Center Network Manager DbAdminRest runZoneMigrationForBrocade Directory Traversal Remote Code Execution Vulnerability	3 Jan 202000:00	–	zdi
Zero Day Initiative	Cisco Data Center Network Manager DbAdminRest installSwitchLicense Directory Traversal Remote Code Execution Vulnerability	3 Jan 202000:00	–	zdi
Zero Day Initiative	Cisco Data Center Network Manager writeToFile Directory Traversal Remote Code Execution Vulnerability	3 Jan 202000:00	–	zdi
Zero Day Initiative	Cisco Data Center Network Manager DbAdminRest saveLicenseFileToServer Directory Traversal Remote Code Execution Vulnerability	3 Jan 202000:00	–	zdi
Zero Day Initiative	Cisco Data Center Network Manager reportTemplateUploadPolicy Directory Traversal Remote Code Execution Vulnerability	3 Jan 202000:00	–	zdi
Zero Day Initiative	Cisco Data Center Network Manager getDeployContent Directory Traversal Information Disclosure Vulnerability	3 Jan 202000:00	–	zdi
Zero Day Initiative	Cisco Data Center Network Manager ConfigArchiveRest getRestoreLog Directory Traversal Information Disclosure Vulnerability	3 Jan 202000:00	–	zdi
Source Incite	SRC-2020-0008 : Cisco Data Center Network Manager SystemFileDAO getFile Directory Traversal Information Disclosure Vulnerability	20 Nov 201900:00	–	srcincite
Source Incite	SRC-2020-0002 : Cisco Data Center Network Manager ConfigArchiveRest importConfiguration Directory Traversal Denial of Service Vulnerability	29 Aug 201900:00	–	srcincite
Source Incite	SRC-2020-0007 : Cisco Data Center Network Manager SystemFileDAO deleteFile Directory Traversal Denial of Service Vulnerability	20 Nov 201900:00	–	srcincite

Nvd

Node

cisco data_center_network_managerRange<11.3\(1\)

[
  {
    "product": "Cisco Data Center Network Manager",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "n/a",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
tools	www.tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-path-trav

Parameter	Position	Path	Description	CWE
path	path	/saveSystemData	Vulnerability allowing remote attackers to execute arbitrary code via improper validation of user-supplied path.	CWE-22

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Jan 2020 08:15Current

7.3High risk

Vulners AI Score7.3

CVSS29

CVSS37.2

EPSS0.60754

SSVC

CWE-22