Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0615

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2009-0615
Last Modified 03 Mar 2009 02:04:48
Published 26 Feb 2009 11:17:20
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2009-0615

Summary

Directory traversal vulnerability in Cisco Application Networking Manager (ANM) before 2.0 and Application Control Engine (ACE) Device Manager before A3(2.1) allows remote authenticated users to read or modify arbitrary files via unspecified vectors, related to "invalid directory permissions."

Vulnerable Systems

Application

  • Cisco Application Control Engine Device Manager 1.1

  • Cisco Application Control Engine Device Manager 1.2

  • Cisco Application Networking Manager 1.1

  • Cisco Application Networking Manager 1.2


References

SECTRACK - 1021770

BID - 33903

CISCO - 20090225 Cisco ACE Application Control Engine Device Manager and Application Networking Manager Vulnerabilities


Last Updated: 27 May 2016 10:50:18