Weakness Name | Source | |
---|---|---|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Metrics | Score | Severity | CVSS Vector | Source |
---|---|---|---|---|
V2 | 10 | AV:N/AC:L/Au:N/C:C/I:C/A:C | nvd@nist.gov |
Cisco>>Ciscoworks_common_services >> Version 3.0.3
Cisco>>Ciscoworks_common_services >> Version 3.0.4
Cisco>>Ciscoworks_common_services >> Version 3.0.5
Cisco>>Ciscoworks_common_services >> Version 3.0.6
Cisco>>Ciscoworks_common_services >> Version 3.1
Cisco>>Ciscoworks_common_services >> Version 3.1.1
Cisco>>Ciscoworks_common_services >> Version 3.2
Cisco>>Ciscoworks_health_and_utilization_monitor >> Version 1.0
Cisco>>Ciscoworks_health_and_utilization_monitor >> Version 1.1
Cisco>>Ciscoworks_lan_management_solution >> Version 2.5
Cisco>>Ciscoworks_lan_management_solution >> Version 2.6
Cisco>>Ciscoworks_lan_management_solution >> Version 3.0
Cisco>>Ciscoworks_lan_management_solution >> Version 3.1
Cisco>>Ciscoworks_qos_policy_manager >> Version 4.0
Cisco>>Ciscoworks_qos_policy_manager >> Version 4.1
Cisco>>Ciscoworks_voice_manager >> Version 3.0
Cisco>>Ciscoworks_voice_manager >> Version 3.1
Cisco>>Security_manager >> Version 3.0
Cisco>>Security_manager >> Version 3.1
Cisco>>Security_manager >> Version 3.2
Cisco>>Telepresence_readiness_assessment_manager >> Version 1.0
Cisco>>Unified_operations_manager >> Version 1.0
Cisco>>Unified_operations_manager >> Version 1.1
Cisco>>Unified_operations_manager >> Version 2.0
Cisco>>Unified_operations_manager >> Version 2.1
Cisco>>Unified_provisioning_manager >> Version 1.0
Cisco>>Unified_provisioning_manager >> Version 1.1
Cisco>>Unified_provisioning_manager >> Version 1.2
Cisco>>Unified_provisioning_manager >> Version 1.3
Cisco>>Unified_service_monitor >> Version 1.0
Cisco>>Unified_service_monitor >> Version 1.1
Cisco>>Unified_service_monitor >> Version 2.0
Cisco>>Unified_service_monitor >> Version 2.1