Intrusion Prevention

Cisco.Network.Analysis.Module.graph.sfile.Directory.Traversal

Description

This indicates an attack attempt against a Directory Traversal vulnerability in Cisco Prime Network Analysis Module.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application while handling maliciously crafted requests. A remote attacker may be able to exploit this to delete arbitrary files on the targeted server, via a crafted request.

Affected Products

Cisco Systems Prime Network Analysis Module prior to 6.2(1-b)

Impact

System Compromise: Remote attackers can delete arbitrary files of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-nam

CVE References

CVE-2017-12285