CVE-2009-0615
critical
Cisco CVSS v3 Base Score
9.0
AV:N/AC:L/Au:S/C:C/I:C/A:C
EPSS Score
0.2%
Exploitation probability in 30 days
Top 55% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: February 26, 2009 (6285 days ago)
Last Modified: April 23, 2026
Vendor: Cisco
Source: NVD
Vulnerability Report
Generated by CyberWatcher
Description
Directory traversal vulnerability in Cisco Application Networking Manager (ANM) before 2.0 and Application Control Engine (ACE) Device Manager before A3(2.1) allows remote authenticated users to read or modify arbitrary files via unspecified vectors, related to "invalid directory permissions."
CWE
CWE-22Affected Products
cisco application control engine device managercisco application networking manager