CVE-2020-3241 | Cisco UCS Director Path Traversal Vulnerability
A vulnerability in the orchestration tasks of Cisco UCS Director could allow an authenticated, remote attacker to perform a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input on the web-based management interface. An attacker could exploit this vulnerability by creating a task with specific configuration parameters. A successful exploit could allow the attacker to overwrite arbitrary files in the file system of an affected device.
Conclusion & alert: CVE-2020-3241 is rated Moderate Risk (54.7/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 1.98%).Core evidence: EPSS rose +1.47% over the last day, indicating growing attacker interest.Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
Exploit prediction scoring system (EPSS) score for CVE-2020-3241
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).