Cisco : Security Vulnerabilities, CVEs, Published In 2015 (Directory traversal)

CVE-2015-6406

Directory traversal vulnerability in the Tools menu in Cisco Emergency Responder 10.5(1.10000.5) allows remote authenticated users to write to arbitrary files via a crafted filename, aka Bug ID CSCuv21781.
Max CVSS
4.0
EPSS Score
0.12%
Published
2015-12-13
Updated
2016-12-07

CVE-2015-4289

Directory traversal vulnerability in Cisco AnyConnect Secure Mobility Client 4.0(2049) allows remote head-end systems to write to arbitrary files via a crafted configuration attribute, aka Bug ID CSCut93920.
Max CVSS
6.4
EPSS Score
0.10%
Published
2015-08-01
Updated
2015-09-03

CVE-2015-0666

Known exploited
Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241.
Max CVSS
7.8
EPSS Score
97.39%
Published
2015-04-03
Updated
2015-09-29
CISA KEV Added
2022-03-25

CVE-2015-0665

The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary files via crafted IPC messages, aka Bug ID CSCus79173.
Max CVSS
6.6
EPSS Score
0.04%
Published
2015-03-17
Updated
2015-10-28

CVE-2014-8008

Absolute path traversal vulnerability in the Real-Time Monitoring Tool (RTMT) API in Cisco Unified Communications Manager (CUCM) allows remote authenticated users to read arbitrary files via a full pathname in an API command, aka Bug ID CSCur49414.
Max CVSS
6.8
EPSS Score
0.14%
Published
2015-01-22
Updated
2017-01-03
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close