CVE-2015-0666

HIGH KEV

Cisco Prime Data Center Network Manager < 7.0\(2\) - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241.

References (3)

[Vendor Advisory] http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-dcnm

[Broken Link] http://www.securitytracker.com/id/1032009

[Third Party Advisory, US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-0666

Scores

CVSS v3 7.5

EPSS 0.5998

EPSS Percentile 98.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CISA KEV 2022-03-25

VulnCheck KEV 2015-04-01

InTheWild.io 2022-03-25

ENISA EUVD EUVD-2015-0679

CWE

CWE-22

Status published

Products (4)

cisco/prime_data_center_network_manager 6.3\(1\)

cisco/prime_data_center_network_manager 6.3\(2\)

cisco/prime_data_center_network_manager 7.0\(1\)

cisco/prime_data_center_network_manager < 7.0\(2\)

Published Apr 03, 2015

KEV Added Mar 25, 2022

Tracked Since Feb 18, 2026