Signature Detail

HTTP: Cisco Prime Data Center Network Manager DownloadServlet Information Disclosure

This signature detects attempts to exploit a known vulnerability in Cisco Prime Data Center Network Manager. It is due to lack of authentication and insufficient input validation in DownloadServlet when processing HTTP requests. A remote unauthenticated attacker can download arbitrary files from arbitrary locations. This can be leveraged to obtain sensitive information from a target system.

Extended Description

DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCue77029.

Affected Products

• Cisco prime_data_center_network_manager 4.1(2)
• Cisco prime_data_center_network_manager 4.1(3)
• Cisco prime_data_center_network_manager 4.1(4)
• Cisco prime_data_center_network_manager 4.1(5)
• Cisco prime_data_center_network_manager 4.2(1)
• Cisco prime_data_center_network_manager 4.2(3)
• Cisco prime_data_center_network_manager 5.0(2)
• Cisco prime_data_center_network_manager 5.0(3)
• Cisco prime_data_center_network_manager 5.1(1)
• Cisco prime_data_center_network_manager 5.1(2)
• Cisco prime_data_center_network_manager 5.1(3u)
• Cisco prime_data_center_network_manager 5.2(2)
• Cisco prime_data_center_network_manager 5.2(2a)
• Cisco prime_data_center_network_manager 5.2(2b)
• Cisco prime_data_center_network_manager 5.2(2c)
• Cisco prime_data_center_network_manager 5.2(2e)
• Cisco prime_data_center_network_manager 6.1(1a)
• Cisco prime_data_center_network_manager 6.1(1b)

References

• BugTraq: 62483
• CVE: CVE-2013-5487