Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) prior to 6.2(1) allows remote malicious users to write arbitrary files via the chartid parameter, aka Bug IDs CSCue77035 and CSCue77036. NOTE: this can be leveraged to execute arbitrary commands by using the JBoss autodeploy functionality.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco prime data center network manager 5.0\\(3\\) |
||
cisco prime data center network manager 5.0\\(2\\) |
||
cisco prime data center network manager 4.2\\(3\\) |
||
cisco prime data center network manager 4.2\\(1\\) |
||
cisco prime data center network manager 4.1\\(5\\) |
||
cisco prime data center network manager 5.2\\(2e\\) |
||
cisco prime data center network manager 5.2\\(2c\\) |
||
cisco prime data center network manager 5.2\\(2b\\) |
||
cisco prime data center network manager 5.2\\(2a\\) |
||
cisco prime data center network manager 6.1\\(1b\\) |
||
cisco prime data center network manager 5.1\\(3u\\) |
||
cisco prime data center network manager 5.1\\(1\\) |
||
cisco prime data center network manager 4.1\\(3\\) |
||
cisco prime data center network manager 6.1\\(1a\\) |
||
cisco prime data center network manager 5.2\\(2\\) |
||
cisco prime data center network manager 5.1\\(2\\) |
||
cisco prime data center network manager 4.1\\(4\\) |
||
cisco prime data center network manager 4.1\\(2\\) |
||
cisco prime data center network manager |
Vulmon