Signature Detail

HTTP: Cisco Prime Data Center Network Manager processImageSave.jsp Arbitrary File Upload

This signature detects attempts to exploit a known vulnerability in the Cisco Prime Data Center Network Manager. It is due to lack of authentication and insufficient input validation in the processImageSave.jsp when processing HTTP requests. A remote unauthenticated attacker can upload arbitrary files to arbitrary locations. In a successful attack scenario, the attacker can execute arbitrary code with SYSTEM privileges by placing executable files in critical locations.

Extended Description

Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to write arbitrary files via the chartid parameter, aka Bug IDs CSCue77035 and CSCue77036. NOTE: this can be leveraged to execute arbitrary commands by using the JBoss autodeploy functionality.

Affected Products

• cisco prime_data_center_network_manager 4.1(2)
• cisco prime_data_center_network_manager 4.1(3)
• cisco prime_data_center_network_manager 4.1(4)
• cisco prime_data_center_network_manager 4.1(5)
• cisco prime_data_center_network_manager 4.2(1)
• cisco prime_data_center_network_manager 4.2(3)
• cisco prime_data_center_network_manager 5.0(2)
• cisco prime_data_center_network_manager 5.0(3)
• cisco prime_data_center_network_manager 5.1(1)
• cisco prime_data_center_network_manager 5.1(2)
• cisco prime_data_center_network_manager 5.1(3u)
• cisco prime_data_center_network_manager 5.2(2)
• cisco prime_data_center_network_manager 5.2(2a)
• cisco prime_data_center_network_manager 5.2(2b)
• cisco prime_data_center_network_manager 5.2(2c)
• cisco prime_data_center_network_manager 5.2(2e)
• cisco prime_data_center_network_manager 6.1(1a)
• cisco prime_data_center_network_manager up to 6.1(1b)

References

• BugTraq: 62484
• CVE: CVE-2013-5486