CVE-2015-0666
Published: 03 April 2015
Summary
CVE-2015-0666 is a high-severity Path Traversal (CWE-22) vulnerability in Cisco Prime Data Center Network Manager. Its CVSS base score is 7.5 (High).
Operationally, ranked in the top 1.7% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2015-0666 is a directory traversal vulnerability, tracked as Bug ID CSCus00241 and assigned CWE-22, that affects the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) versions prior to 7.1(1). The flaw permits remote attackers to supply a crafted pathname and retrieve arbitrary files from the underlying system, resulting in a CVSS 3.1 base score of 7.5 with network attack vector, low complexity, and no required privileges or user interaction.
Unauthenticated attackers with network access can exploit the servlet directly to read sensitive files, achieving high confidentiality impact without affecting integrity or availability. The vulnerability can be reached over the network without authentication, enabling straightforward remote file disclosure.
Cisco Security Advisory cisco-sa-20150401-dcnm and associated vendor notices recommend upgrading affected DCNM installations to version 7.1(1) or later to address the issue. The vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog, confirming observed real-world exploitation.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2015-0679
Vulnerability details
Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241.
- CWE(s)
- KEV Date Added
- 25 March 2022
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Validates pathnames supplied to the fmserver servlet to reject crafted inputs that attempt directory traversal and arbitrary file reads.
Enforces access control policies on file resources so that unauthenticated remote requests cannot retrieve arbitrary files via the vulnerable servlet.
Controls information flows between the servlet and underlying file system to block unauthorized disclosure of files outside intended directories.