CVE-2014-2276
The FileUploadController servlet in EMC Connectrix Manager Converged Network Edition (CMCNE) before 12.1.5 does not properly restrict additions to the Connectrix Manager repository, which allows remote attackers to obtain sensitive information by importing a crafted firmware file.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0043 (0.4%)
Percentil: 62.9%
EPSS: 2026-05-06
Afecta
emc:connectrix_managerDescripción técnica
The FileUploadController servlet in EMC Connectrix Manager Converged Network Edition (CMCNE) before 12.1.5 does not properly restrict additions to the Connectrix Manager repository, which allows remote attackers to obtain sensitive information by importing a crafted firmware file.
Publicada: 21/3/2014, 14:55:07
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://archives.neohapsis.com/archives/bugtraq/2014-03/0115.html
- http://secunia.com/advisories/57513
- http://www.securityfocus.com/bid/66308
- http://www.securitytracker.com/id/1029939
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91987
- http://archives.neohapsis.com/archives/bugtraq/2014-03/0115.html
- http://secunia.com/advisories/57513
- http://www.securityfocus.com/bid/66308