QwikSec

Security Database

CVE

CWE

Training

CVE-2018-0258

Published: May 2, 2018

Modified: Nov 29, 2024

PUBLISHED

Description

A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to any directory of a vulnerable device (aka Path Traversal) and execute those files. This vulnerability affects the following products: Cisco Prime Data Center Network Manager (DCNM) Version 10.0 and later, and Cisco Prime Infrastructure (PI) All versions. Cisco Bug IDs: CSCvf32411, CSCvf81727.

Vendor	Product	Versions
n/a	Cisco Prime File Upload Servlet	affected `Cisco Prime File Upload Servlet`

Weaknesses (CWE)

References

vdb-entry

x_refsource_BID

https://www.tenable.com/security/research/tra-2018-11

x_refsource_MISC

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-prime-upload

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.