CVE-2015-6259

Currently unrated

Key Information:

Vendor: Cisco
Status: Integrated Management Controller Supervisor
Vendor: CVE Published:; 4 September 2015

Summary

The JavaServer Pages (JSP) component in Cisco Integrated Management Controller (IMC) Supervisor before 1.0.0.1 and UCS Director (formerly Cloupia Unified Infrastructure Controller) before 5.2.0.1 allows remote attackers to write to arbitrary files via crafted HTTP requests, aka Bug IDs CSCus36435 and CSCus62625.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1033451

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Sep 4, 2015
Vulnerability Reserved
Aug 17, 2015