CVE-2020-3241

Name of the Vulnerable Software and Affected Versions Cisco UCS Director (affected versions not specified)

Description The issue is related to insufficient validation of user-supplied input on the web-based management interface, allowing a path traversal attack. This could enable an authenticated, remote attacker to overwrite arbitrary files in the file system of the affected device. The vulnerability exists due to incorrect restriction of the directory path name with limited access.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.