Cisco Data Center Network Manager Path Traversal Vulnerability

A vulnerability in Cisco Data Center Network Manager software could allow an authenticated, remote attacker to conduct directory traversal attacks and gain access to sensitive files on the targeted system. The vulnerability is due to improper validation of user requests within the management interface. An attacker could exploit this vulnerability by sending malicious requests containing directory traversal character sequences within the management interface. An exploit could allow the attacker to view or create arbitrary files on the targeted system.

N/A

对路径名的限制不恰当(路径遍历)

Cisco Data Center Network Manager 路径遍历漏洞

Cisco Data Center Network Manager是美国思科（Cisco）公司的一套数据中心管理系统。该系统适用于Cisco Nexus和MDS系列交换机，提供存储可视化、配置和故障排除等功能。 Cisco Data Center Network Manager 11.0(1)之前版本中存在路径遍历漏洞，该漏洞源于在管理界面中程序没有正确的验证用户的请求。远程攻击者可通过发送带有路径遍历字符序列的恶意请求利用该漏洞在目标系统上查看和创建任意文件。

N/A

N/A