Remote File Overwrite in Cisco Integrated Management Controller and UCS Director
CVE-2015-6259

Currently unrated

Key Information:

Vendor: Cisco
Status: Integrated Management Controller Supervisor
Vendor: CVE Published:; 4 September 2015

Summary

The JSP component in Cisco Integrated Management Controller (IMC) Supervisor and UCS Director prior to specific versions allows remote attackers to exploit vulnerabilities through crafted HTTP requests. This can lead to unauthorized file writing on affected systems, posing serious risks to data integrity and system security.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1033451

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Sep 4, 2015
Vulnerability Reserved
Aug 17, 2015