Cisco Data Center Network Manager CVE-2018-0464 Directory Traversal Vulnerability
BID:105159
CVE-2018-464 |Info
Cisco Data Center Network Manager CVE-2018-0464 Directory Traversal Vulnerability
| Bugtraq ID: | 105159 |
| Class: | Input Validation Error |
| CVE: |
CVE-2018-0464 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 28 2018 12:00AM |
| Updated: | Aug 28 2018 12:00AM |
| Credit: | Tenable, Inc. |
| Vulnerable: |
Cisco Prime Data Center Network Manager (DCNM) 7.1(1) Cisco Prime Data Center Network Manager (DCNM) 7.0(2) Cisco Prime Data Center Network Manager (DCNM) 7.0(1) Cisco Prime Data Center Network Manager (DCNM) 6.3(2) Cisco Prime Data Center Network Manager (DCNM) 6.3(1) Cisco Prime Data Center Network Manager (DCNM) 10.3(1) Cisco Prime Data Center Network Manager (DCNM) 10.2 Cisco Prime Data Center Network Manager (DCNM) 10.1 Cisco Prime Data Center Network Manager (DCNM) 10.0 |
| Not Vulnerable: |
Cisco Data Center Network Manager (DCNM) 11.0(1) |
Discussion
Cisco Data Center Network Manager CVE-2018-0464 Directory Traversal Vulnerability
Cisco Data Center Network Manager is prone to a directory-traversal vulnerability.
A remote attacker could exploit the vulnerability using directory-traversal characters ('../') to access arbitrary files that contain sensitive information.
This issue is being tracked by Cisco Bug ID CSCvj86072.
Cisco Data Center Network Manager is prone to a directory-traversal vulnerability.
A remote attacker could exploit the vulnerability using directory-traversal characters ('../') to access arbitrary files that contain sensitive information.
This issue is being tracked by Cisco Bug ID CSCvj86072.
Exploit / POC
Cisco Data Center Network Manager CVE-2018-0464 Directory Traversal Vulnerability
An attacker can exploit this issue using a web browser.
An attacker can exploit this issue using a web browser.