CVE-2013-5486
critical
CVSS v3
—
CVSS v2
10.0
VIR risk
10.0
Description
Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to write arbitrary files via the chartid parameter, aka Bug IDs CSCue77035 and CSCue77036. NOTE: this can be leveraged to execute arbitrary commands by using the JBoss autodeploy functionality.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: psirt@cisco.com — http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-dcnm
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| cisco | prime_data_center_network_manager | 4.1\(2\) | |
| cisco | prime_data_center_network_manager | 4.1\(3\) | |
| cisco | prime_data_center_network_manager | 4.1\(4\) | |
| cisco | prime_data_center_network_manager | 4.1\(5\) | |
| cisco | prime_data_center_network_manager | 4.2\(1\) | |
| cisco | prime_data_center_network_manager | 4.2\(3\) | |
| cisco | prime_data_center_network_manager | 5.0\(2\) | |
| cisco | prime_data_center_network_manager | 5.0\(3\) | |
| cisco | prime_data_center_network_manager | 5.1\(1\) | |
| cisco | prime_data_center_network_manager | 5.1\(2\) | |
| cisco | prime_data_center_network_manager | 5.1\(3u\) | |
| cisco | prime_data_center_network_manager | 5.2\(2\) | |
| cisco | prime_data_center_network_manager | 5.2\(2a\) | |
| cisco | prime_data_center_network_manager | 5.2\(2b\) | |
| cisco | prime_data_center_network_manager | 5.2\(2c\) | |
| cisco | prime_data_center_network_manager | 5.2\(2e\) | |
| cisco | prime_data_center_network_manager | 6.1\(1a\) | |
| cisco | prime_data_center_network_manager | 6.1\(1b\) | |
| cisco | prime_data_center_network_manager | {"endIncluding":"6.1\\(1b\\)"} | |
References
CWEs
CWE-78
Verify integrity in audit chain (admin only). AS-IS.