The JavaServer Pages (JSP) component in Cisco Integrated Management Controller (IMC) Supervisor before 1.0.0.1 and UCS Director (formerly Cloupia Unified Infrastructure Controller) before 5.2.0.1 allows remote attackers to write to arbitrary files via crafted HTTP requests, aka Bug IDs CSCus36435 and CSCus62625.
References
Link | Resource |
---|---|
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150902-cimcs | Vendor Advisory |
http://www.securitytracker.com/id/1033451 | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: cisco
Published: 2015-09-04T01:00:00
Updated: 2016-12-20T16:57:01
Reserved: 2015-08-17T00:00:00
Link: CVE-2015-6259
JSON object: View
NVD Information
Status : Analyzed
Published: 2015-09-04T01:59:02.910
Modified: 2016-12-29T13:16:10.730
Link: CVE-2015-6259
JSON object: View
Redhat Information
No data.
CWE