CVE-2019-1629

N/A

Descripcion

A vulnerability in the configuration import utility of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to have write access and upload arbitrary data to the filesystem. The vulnerability is due to a failure to delete temporarily uploaded files. An attacker could exploit this vulnerability by crafting a malicious file and uploading it to the affected device. An exploit could allow the attacker to fill up the filesystem or upload malicious scripts.

Detalles CVE

Puntuacion CVSS v3.1N/A

Publicado6/20/2019

Ultima modificacion11/21/2024

Fuentenvd

Avistamientos honeypot0

Productos afectados

cisco:integrated_management_controllercisco:unified_computing_system

Debilidades (CWE)

CWE-306CWE-306

Referencias

http://www.securityfocus.com/bid/108852(psirt@cisco.com)

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-imc-filewrite(psirt@cisco.com)

http://www.securityfocus.com/bid/108852(af854a3a-2127-422b-91ae-364da2661108)

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-imc-filewrite(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.