Cisco : Security Vulnerabilities, CVEs, Published In 2015 (Directory traversal)
Directory traversal vulnerability in the Tools menu in Cisco Emergency Responder 10.5(1.10000.5) allows remote authenticated users to write to arbitrary files via a crafted filename, aka Bug ID CSCuv21781.
Max CVSS
4.0
EPSS Score
0.12%
Published
2015-12-13
Updated
2016-12-07
Directory traversal vulnerability in Cisco AnyConnect Secure Mobility Client 4.0(2049) allows remote head-end systems to write to arbitrary files via a crafted configuration attribute, aka Bug ID CSCut93920.
Max CVSS
6.4
EPSS Score
0.10%
Published
2015-08-01
Updated
2015-09-03
CVE-2015-0666
Known exploited
Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241.
Max CVSS
7.8
EPSS Score
97.39%
Published
2015-04-03
Updated
2015-09-29
CISA KEV Added
2022-03-25
The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary files via crafted IPC messages, aka Bug ID CSCus79173.
Max CVSS
6.6
EPSS Score
0.04%
Published
2015-03-17
Updated
2015-10-28
Absolute path traversal vulnerability in the Real-Time Monitoring Tool (RTMT) API in Cisco Unified Communications Manager (CUCM) allows remote authenticated users to read arbitrary files via a full pathname in an API command, aka Bug ID CSCur49414.
Max CVSS
6.8
EPSS Score
0.14%
Published
2015-01-22
Updated
2017-01-03
5 vulnerabilities found