CyberSec.Space Logo
Back to CVE Browser

CVE-2015-6259

CRITICAL
9.4
CVSS Severity Score
EPSS Score0.0450%
EPSS Percentile11.12th
PublishedSep 4, 2015
Last ModifiedMay 6, 2026

Vulnerability Description

The JavaServer Pages (JSP) component in Cisco Integrated Management Controller (IMC) Supervisor before 1.0.0.1 and UCS Director (formerly Cloupia Unified Infrastructure Controller) before 5.2.0.1 allows remote attackers to write to arbitrary files via crafted HTTP requests, aka Bug IDs CSCus36435 and CSCus62625.

Affected Platforms (CPE)

πŸ“¦
Cisco

Integrated Management Controller Supervisor

<= 1.0.0.0
πŸ“¦
Cisco

Unified Computing System Director

<= 5.2.0.0
πŸ“¦
Cisco

Unified Computing System Director

= 3.4_base
πŸ“¦
Cisco

Unified Computing System Director

= 4.0_base
πŸ“¦
Cisco

Unified Computing System Director

= 4.1_base
πŸ“¦
Cisco

Unified Computing System Director

= 5.0.0.0
πŸ“¦
Cisco

Unified Computing System Director

= 5.0.0.1
πŸ“¦
Cisco

Unified Computing System Director

= 5.0.0.2
πŸ“¦
Cisco

Unified Computing System Director

= 5.0.0.3
πŸ“¦
Cisco

Unified Computing System Director

= 5.1.0.0
πŸ“¦
Cisco

Unified Computing System Director

= 5.1.0.1

References & Advisories

πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150902-cimcs
πŸ”— http://www.securitytracker.com/id/1033451
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150902-cimcs
πŸ”— http://www.securitytracker.com/id/1033451

Related Vulnerabilities

CVE-2019-19359.8

A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for...

CVE-2019-19749.8

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Direct...

CVE-2019-19379.8

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Direct...

CVE-2018-01488.8

A vulnerability in the web-based management interface of Cisco UCS Director Software and Cisco Integrated Management Controller (I...