Loading
Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to write arbitrary files via the chartid parameter, aka Bug IDs CSCue77035 and CSCue77036. NOTE: this can be leveraged to execute arbitrary commands by using the JBoss autodeploy functionality.
Use CWE-78, Cisco vendor hub and Prime Data Center Network Manager product page to widen CVE-2013-5486 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2015-0666, CVE-2018-0258 and CVE-2017-6640 for nearby disclosures in the same product family. Additional editorial context is available in Why “Low” and “Medium” CVEs Still Breach Networks.