Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 12/11/2015 Updated: 12/11/2015

CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6

VMScore: 632

Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N

Race condition in the administration-panel web service in IBM System Networking Switch Center (SNSC) prior to 7.3.1.5 and Lenovo Switch Center prior to 8.1.2.0 allows remote malicious users to obtain privileged-account access, and consequently provide FileReader.jsp input containing directory traversal sequences to read arbitrary text files, via a request to port 40080 or 40443.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm system networking switch center
lenovo switch center

CWE-362 https://support.lenovo.com/us/en/product_security/len_2015_074 http://www.zerodayinitiative.com/advisories/ZDI-15-553/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-7817

Vulnerability Summary

References

Vulmon Search

About

Products

Connect