Directory Traversal Vulnerability in Cisco Emergency Responder
CVE-2015-6406

Currently unrated

Key Information:

Vendor: Cisco
Status: Emergency Responder
Vendor: CVE Published:; 13 December 2015

Summary

A directory traversal vulnerability exists in the Tools menu of Cisco Emergency Responder 10.5(1.10000.5), allowing remote authenticated users to access and manipulate protected files on the server. By submitting a specially crafted filename, attackers could potentially write to arbitrary files, compromising the integrity and confidentiality of the system. This situation highlights the importance of ensuring proper input validation and access controls in web applications.

References

http://www.securitytracker.com/id/1034384

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/78816

vdb-entryx_refsource_BID

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Dec 13, 2015
Vulnerability Reserved
Aug 17, 2015