CVE-2015-0666
published 2015-04-03


Priority: P182 high · 7.5 (CVSS 3.1)
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:N / A:N
KEV: CISA Known Exploited Vulnerability (due 2022-04-15)
ITW: Exploited in the wild
EPSS: 40.61% (98.5th percentile)
Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241.

Affected

5 ranges
Vendor   Product                                   Version range   Fixed in
cisco    prime_data_center_network_manager         <= 7.0(2)
cisco    prime_data_center_network_manager
cisco    prime_data_center_network_manager
cisco    prime_data_center_network_manager
cisco    prime_data_center_network_manager_file

Detection & IOCs (extracted from sources)

path: /fmserver
  • Monitor HTTP requests targeting the /fmserver servlet path for directory traversal sequences (e.g., '../', '%2e%2e%2f', '%2f', encoded variants) which may indicate exploitation attempts against CVE-2015-0666.
  • Exploitation requires no authentication — flag any unauthenticated requests to the fmserver servlet that contain path traversal patterns as high-priority alerts.
  • Vulnerability affects Cisco Prime DCNM versions prior to 7.1(1); ensure patched version is confirmed before deprioritizing detections.
  • No workarounds are available for this vulnerability; patching is the only mitigation per vendor guidance.
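
The monitoring guidance above, sketched as a log filter. This is an added example, not code from the vendor or from this page's sources. It assumes an NCSA/Apache-style access log, the log lines are constructed, and PLACEHOLDER.txt stands in for any file name.

```python
import re
from urllib.parse import unquote

SERVLET = "/fmserver"      # servlet path named on this page
MAX_DECODE_ROUNDS = 3      # assumption: unwrap up to triple URL-encoding
# Assumption: NCSA/Apache-style access log; adapt to your proxy or WAF format.
REQUEST_RE = re.compile(
    r'^(?P<src>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
# A '..' that forms a whole path segment, with / or \ as the separator.
TRAVERSAL_RE = re.compile(r'(^|[\\/])\.\.([\\/]|$)')

def normalize(target):
    """Percent-decode repeatedly so %252e%252e%252f collapses to ../"""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target

def is_suspicious(target):
    """True when the request touches the servlet and carries a '..' segment."""
    decoded = normalize(target)
    if SERVLET not in decoded.lower():
        return False
    # Split on query delimiters so parameter values are inspected as well.
    return any(TRAVERSAL_RE.search(p) for p in re.split(r'[?&=;]', decoded))

def scan(lines):
    """Return (source, status, decoded_target) for each flagged log line."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if m and is_suspicious(m["target"]):
            hits.append((m["src"], int(m["status"]), normalize(m["target"])))
    return hits

# Constructed sample input (documentation-range addresses).
SAMPLE_LOG = [
    '192.0.2.10 - - [03/Apr/2015:10:00:01 +0000] "GET /fmserver/status HTTP/1.1" 200 512',
    '198.51.100.7 - - [03/Apr/2015:10:00:02 +0000] "GET /fmserver/%2e%2e/%2e%2e/PLACEHOLDER.txt HTTP/1.1" 200 1024',
    '198.51.100.7 - - [03/Apr/2015:10:00:03 +0000] "GET /fmserver/%252e%252e%252fPLACEHOLDER.txt HTTP/1.1" 404 0',
    '192.0.2.11 - - [03/Apr/2015:10:00:04 +0000] "GET /other/../index.html HTTP/1.1" 200 128',
    '192.0.2.12 - - [03/Apr/2015:10:00:05 +0000] "GET /fmserver/report..v2.txt HTTP/1.1" 200 64',
]

if __name__ == "__main__":
    for src, status, target in scan(SAMPLE_LOG):
        print(f"ALERT src={src} status={status} target={target}")
```

A flagged request that returned status 200 deserves triage first, since the response may have carried file contents.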

CVSS provenance

Source         Version   Score   Severity   Vector
nvd            v3.1      7.5     HIGH       CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd            v2.0      7.8     HIGH       AV:N/AC:L/Au:N/C:C/I:N/A:N
vulncheck                7.5     HIGH
cisa                     7.5     HIGH
vendor_cisco             7.8     HIGH