Race Condition Vulnerability in IBM System Networking Switch and Lenovo Switch Center
CVE-2015-7817
Currently unrated
Summary
A race condition exists in the administration-panel web service of IBM System Networking Switch Center and Lenovo Switch Center, which can be exploited by remote attackers to gain unauthorized privileged account access. By sending specially crafted requests to specific ports, attackers can introduce directory traversal sequences via the FileReader.jsp input, enabling the reading of arbitrary text files. This vulnerability highlights the need for robust security practices in managing network devices.
References
EPSS Score
28% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved