CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-2276

The FileUploadController servlet in EMC Connectrix Manager Converged Network Edition (CMCNE) before 12.1.5 does not properly restrict additions to the Connectrix Manager repository, which allows remote attackers to obtain sensitive information by importing a crafted firmware file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.021

EPSS Ranking 79.0%

CVSS Severity

CVSS v2 Score 5.0

References

http://archives.neohapsis.com/archives/bugtraq/2014-03/0115.html
http://secunia.com/advisories/57513
http://www.securityfocus.com/bid/66308
http://www.securitytracker.com/id/1029939
https://exchange.xforce.ibmcloud.com/vulnerabilities/91987
http://archives.neohapsis.com/archives/bugtraq/2014-03/0115.html
http://secunia.com/advisories/57513
http://www.securityfocus.com/bid/66308
http://www.securitytracker.com/id/1029939
https://exchange.xforce.ibmcloud.com/vulnerabilities/91987

Products affected by CVE-2014-2276

Emc » Connectrix Manager » Version: 11.2.1

cpe:2.3:a:emc:connectrix_manager:11.2.1
Emc » Connectrix Manager » Version: 12.0.1

cpe:2.3:a:emc:connectrix_manager:12.0.1
Emc » Connectrix Manager » Version: 12.0.3

cpe:2.3:a:emc:connectrix_manager:12.0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-2276

Products

Pricing

Contact Us