CVSS: 7.8EPSS: 97%CPEs: 4EXPL: 0CVE-2015-0666 – Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2015-0666
03 Apr 2015 — Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241. Vulnerabilidad de salto de directorio en el servlet fmserver en Cisco Prime Data Center Network Manager (DCNM) anterior a 7.1(1) permite a atacantes remotos leer ficheros arbitrarios a través de un nombre de ruta manipulado, también conocido como Bug ID CSCus00241. This vulnerability allows rem... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-dcnm • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0CVE-2014-3329
https://notcve.org/view.php?id=CVE-2014-3329
29 Jul 2014 — Cross-site scripting (XSS) vulnerability in the web-server component in Cisco Prime Data Center Network Manager (DCNM) 6.3(2) and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum86620. Vulnerabilidad de XSS en el componente del servidor web en Cisco Prime Data Center Network Manager (DCNM) 6.3(2) y anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de una URL manipulada, también conocido como Bug ID... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3329 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •