Short Name | HTTP:MISC:EMC-CMCNE-FU |
---|---|
Severity | High |
Recommended | Yes |
Recommended Action | Drop |
Category | HTTP |
Keywords | EMC CMCNE inmservlets.war FileUploadController Arbitrary File Upload |
Release Date | 2014/02/13 |
Update Number | 2345 |
Supported Platforms | idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |

This signature detects attempts to exploit a known vulnerability in EMC CMCNE. The vulnerability is due to lack of authentication and insufficient input validation in the FileUploadController servlet of inmservlets.war when processing HTTP requests. A remote unauthenticated attacker can upload arbitrary files to arbitrary locations. In a successful attack scenario, the attacker can execute arbitrary code with SYSTEM privileges by placing executable files in critical locations.
The server in EMC Connectrix Manager Converged Network Edition (CMCNE) 11.2.1, 12.0.1, and 12.0.3 allows remote attackers to execute arbitrary code by using a servlet to upload an executable file.