CVE-2015-0666
Published 2015-04-03
Priority P182 · high · 7.5 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
KEV · ITW
CISA Known Exploited Vulnerability (due 2022-04-15)
Exploited in the wild
EPSS: 40.61% (98.5th percentile)
Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | prime_data_center_network_manager | <= 7.0(2) | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager_file | — | — |
Detection & IOCs (extracted from sources)
- Monitor HTTP requests targeting the /fmserver servlet path for directory traversal sequences (e.g., '../', '%2e%2e%2f', '%2f', encoded variants), which may indicate exploitation attempts against CVE-2015-0666.
- Exploitation requires no authentication: flag any unauthenticated requests to the fmserver servlet that contain path traversal patterns as high-priority alerts.
- The vulnerability affects Cisco Prime DCNM versions prior to 7.1(1); confirm the patched version is installed before deprioritizing detections.
- No workarounds are available for this vulnerability; patching is the only mitigation per vendor guidance.
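CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| nvd | v2.0 | 7.8 | HIGH | AV:N/AC:L/Au:N/C:C/I:N/A:N |
| vulncheck | — | 7.5 | HIGH | — |
| cisa | — | 7.5 | HIGH | — |
| vendor_cisco | — | 7.8 | HIGH | — |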
CISA
Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability
cisa·2022-03-25·CVSS 7.5
CVE-2015-0666 [HIGH] CWE-22 Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability
Vulnerability: Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability
Affected: Cisco Prime Data Center Network Manager (DCNM)
Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2015-0666
Remediation Due Date: 2022-04-15
Cisco
Cisco Prime Data Center Network Manager File Information Disclosure Vulnerability
vendor_cisco·2015-04-01·CVSS 7.8
CVE-2015-0666 [HIGH] CWE-22 Cisco Prime Data Center Network Manager File Information Disclosure Vulnerability
Cisco Prime Data Center Network Manager File Information Disclosure Vulnerability
Cisco Prime Data Center Network Manager (DCNM) contains a file information disclosure vulnerability that could allow an unauthenticated, remote attacker to retrieve arbitrary files from the underlying operating system.
Cisco has released software updates that address this vulnerability.
Workarounds that mitigate this vulnerability are not available.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-dcnm
Cisco
Cisco Prime Data Center Network Manager File Information Disclosure Vulnerability
vendor_cisco
CVE-2015-0666 Cisco Prime Data Center Network Manager File Information Disclosure Vulnerability
CVE-2015-0666: Cisco Prime Data Center Network Manager File Information Disclosure Vulnerability
Cisco Prime Data Center Network Manager (DCNM) contains a file information disclosure vulnerability that could allow an unauthenticated, remote attacker to retrieve arbitrary files from the underlying operating system. Cisco has released software updates that address this vulnerability.
CWE: CWE-22
Bug IDs: CSCus00241
GHSA
GHSA-hgq8-fc97-42ff: Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7
ghsa_unreviewed·2022-05-17
CVE-2015-0666 [HIGH] CWE-22 GHSA-hgq8-fc97-42ff: Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7
Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241.
VulnCheck
Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability
vulncheck·2015·CVSS 7.5
CVE-2015-0666 [HIGH] CWE-22 Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability
Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability
Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.
Affected: Cisco Prime Data Center Network Manager (DCNM)
Required Action: Apply updates per vendor instructions.
Exploitation References:
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-dcnm
- https://blog.checkpoint.com/security/december-2021s-most-wanted-malware-trickbot-emotet-and-the-log4j-plague/
- https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
- https://blog.checkpoint.com/security/april-2022s-most-wanted-malware-a-shake-up-in-the-index-but-emotet-is-still-on-top/
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-dcnm
- http://www.securitytracker.com/id/1032009
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-0666

2015-04-03: Published
2022-03-25: Added to CISA KEV
Exploited in the wild