4 matches found
CVE-2015-7820
CVE-2015-7820 is a race-condition vulnerability in IBM System Networking Switch Center (SNSC) and Lenovo Switch Center that, on affected releases, can let a remote attacker obtain privileged-account access and then abuse ZipDownload.jsp to read arbitrary files. The issue affects SNSC prior to 7.3...
CVE-2015-7817
CVE-2015-7817 affects IBM System Networking Switch Center (SNSC) prior to 7.3.1.5 and Lenovo Switch Center prior to 8.1.2.0. A race condition in the administration-panel web service enables remote attackers to obtain privileged-account access, then feed FileReader.jsp input containing directory t...
CVE-2015-7818
CVE-2015-7818 affects IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0. The issue enables a local attacker to upload and execute a JSP file under SYSTEM privileges by exploiting the Apache Axis AdminService deployment method. Affected version detai...
CVE-2015-7819
IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 are affected by CVE-2015-7819. The vulnerability affects the SNSC/Password DB service that listens on port 40999 and allows remote attackers to obtain sensitive administrator credentials, demonstrate...