Intrusion Prevention



This indicates an attack attempt to exploit a Directory Traversal Vulnerability in Cisco Systems UCS Director.
The vulnerability is due to insufficient validation of user input in the saveWindowsNetworkConfig method. A remote authenticated attacker can exploit the vulnerability by sending malicious requests to the target server. Successful exploitation could result in arbitrary file write leading to denial of service conditions.

Affected Products

Cisco Systems UCS Director prior to
Cisco Systems UCS Director Express for Big Data prior to


Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.

CVE References