1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Cisco Prime Data Center Network Manager Arbitrary File Upload

Web Attack: Cisco Prime Data Center Network Manager Arbitrary File Upload

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to leverage an arbitrary file upload vulnerability in Cisco Prime Data Center Network Manager which could result in arbitrary code execution.

Additional Information

Cisco Prime Data Center Network Manager is a network management application.

Cisco Prime Data Center Network Manager is prone to multiple remote command-execution vulnerabilities. Specifically, these issues affect the 'Cisco DCNM-SAN Server' component. An attacker can exploit these issues by sending arbitrary commands on the underlying operating system of a targeted device.

An attacker can exploit these issues to execute arbitrary commands within the context of the affected application.

These issues are tracked by Cisco Bug IDs CSCue77035 and CSCue77036.

Affected

  • Cisco Prime DCNM prior to 6.2.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube