CVE-2014-2276

Published: Mar 21, 2014Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The FileUploadController servlet in EMC Connectrix Manager Converged Network Edition (CMCNE) before 12.1.5 does not properly restrict additions to the Connectrix Manager repository, which allows remote attackers to obtain sensitive information by importing a crafted firmware file.

Affected (1)

Products: Emc: Connectrix Manager

1 product

Connectrix Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Emc Connectrix Manager	Up to 12.1.2

Related CWEs

References (10)

http://archives.neohapsis.com/archives/bugtraq/2014-03/0115.html

Source: cve@mitre.org

http://secunia.com/advisories/57513

Source: cve@mitre.org

http://www.securityfocus.com/bid/66308

Source: cve@mitre.org

http://www.securitytracker.com/id/1029939

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/91987

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2014-03/0115.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/57513

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/66308

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1029939

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/91987

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.