7 matches found
IBM System Networking Switch Center Contention Condition Vulnerability
IBM System Networking Switch Center is a suite of applications used to remotely monitor and manage Ethernet converged switches from IBM USA, which was acquired by Lenovo of China. A contention condition vulnerability exists in IBM System Networking Switch Center versions prior to 7.3.1.5 and Leno...
CVE-2015-7820
Race condition in the administration-panel web service in IBM System Networking Switch Center SNSC before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide ZipDownload.jsp input containing directory traversal...
CVE-2015-7817
Race condition in the administration-panel web service in IBM System Networking Switch Center SNSC before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide FileReader.jsp input containing directory traversal...
Race condition
Race condition in the administration-panel web service in IBM System Networking Switch Center SNSC before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide ZipDownload.jsp input containing directory traversal...
CVE-2015-7820
CVE-2015-7820 is a race-condition vulnerability in IBM System Networking Switch Center (SNSC) and Lenovo Switch Center that, on affected releases, can let a remote attacker obtain privileged-account access and then abuse ZipDownload.jsp to read arbitrary files. The issue affects SNSC prior to 7.3...
CVE-2015-7817
Race condition in the administration-panel web service in IBM System Networking Switch Center SNSC before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide FileReader.jsp input containing directory traversal...
IBM System Networking Switch Center Local Privilege Escalation Vulnerability
This vulnerability allows local unprivileged attackers to execute arbitrary code on vulnerable installations of IBM System Networking Switch Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IBM SNSC Web Service, which listens by default on...