|
|||
Rule General Information |
---|
Release Date: | 2019-06-26 | |
Rule Name: | EMC CMCNE FileUploadController FILELOCATION Directory Traversal Vulnerability (CVE-2014-2276) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | The FileUploadController servlet in EMC Connectrix Manager Converged Network Edition (CMCNE) before 12.1.5 does not properly restrict additions to the Connectrix Manager repository, which allows remote attackers to obtain sensitive information by importing a crafted firmware file. | |
Impact: | An attacker can abtain sensitive information of the target victim, and do malicious actions to gain profits using the information. | |
Affected OS: | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others | |
Reference: | SecurityFocusBID:66308 http://archives.neohapsis.com/archives/bugtraq/2014-03/0115.html SecurityTrackerID:1029939 https://exchange.xforce.ibmcloud.com/vulnerabilities/91987 |
|
Solutions |
---|
The vendors have released upgrade patches to fix vulnerabilities, please visit: http://www.emc.com/index.htm |