CVE-2015-6406

CWE-22Path Traversal4 documents4 sources
Severity
4.0MEDIUM
EPSS
0.4%
top 37.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Emergency Responder
Timeline
PublishedDec 13
Latest updateMay 17

Description

Directory traversal vulnerability in the Tools menu in Cisco Emergency Responder 10.5(1.10000.5) allows remote authenticated users to write to arbitrary files via a crafted filename, aka Bug ID CSCuv21781.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

NVDcisco/emergency_responder10.5\(1.10000.5\)

🔴Vulnerability Details

2
GHSA
GHSA-7xx8-4prf-jp47: Directory traversal vulnerability in the Tools menu in Cisco Emergency Responder 102022-05-17
CVEList
CVE-2015-6406: Directory traversal vulnerability in the Tools menu in Cisco Emergency Responder 102015-12-13

📋Vendor Advisories

1
Cisco
Cisco Emergency Responder Tools Menu Directory Traversal Vulnerability2015-12-10
CVE-2015-6406 (MEDIUM CVSS 4) | Directory traversal vulnerability i | cvebase.io