A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain write access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to write arbitrary files on the affected system.
Metrics
Affected Vendors & Products
References
History
Tue, 12 Nov 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2021-01-20T19:57:50.609228Z
Updated: 2024-11-12T20:22:26.330Z
Reserved: 2020-11-13T00:00:00
Link: CVE-2021-1259
Vulnrichment
Updated: 2024-08-03T16:02:56.387Z
NVD
Status : Modified
Published: 2021-01-20T20:15:14.503
Modified: 2024-11-21T05:43:56.873
Link: CVE-2021-1259
Redhat
No data.