A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to any directory of a vulnerable device (aka Path Traversal) and execute those files. This vulnerability affects the following products: Cisco Prime Data Center Network Manager (DCNM) Version 10.0 and later, and Cisco Prime Infrastructure (PI) All versions. Cisco Bug IDs: CSCvf32411, CSCvf81727.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCisco Prime Data Center Network Manager
APPCisco10.0\(1\)10.2\(1\)Cisco Prime Infrastructure
APPCisco3.3\(0.0\)
Related vulnerabilities
A vulnerability in the REST API of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Mana...
A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory pe...
A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manag...
A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an unauthenticated, rem...
The API in Cisco Prime Infrastructure 1.2 through 3.0 and Evolved Programmable Network Manager (EPNM) 1.2 allo...