CVE-2015-7817
N/A
N/A
Summary
Race condition in the administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide FileReader.jsp input containing directory traversal sequences to read arbitrary text files, via a request to port 40080 or 40443.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.zerodayinitiative.com/advisories/ZDI-15-553/
- https://support.lenovo.com/us/en/product_security/len_2015_074
References
- http://www.zerodayinitiative.com/advisories/ZDI-15-553/
- https://support.lenovo.com/us/en/product_security/len_2015_074
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.