Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.103402
Category:CISCO
Title:Multiple Cisco Products 'file' Parameter () Directory Traversal Vulnerability
Summary:Multiple Cisco products are prone to a directory-traversal; vulnerability.
Description:Summary:
Multiple Cisco products are prone to a directory-traversal
vulnerability.

Vulnerability Insight:
This issue is tracked by Cisco BugID CSCts44049 and CSCth09343.

Vulnerability Impact:
Exploiting this issue will allow an attacker to read arbitrary files
from locations outside of the application's current directory. This could help the attacker launch further attacks.

Affected Software/OS:
Cisco Unified IP Interactive Voice Response Cisco Unified Contact

Center Express Cisco Unified Communications Manager

Solution:
Vendor updates are available. Please see the references for details.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:N/A:N

Cross-Ref: BugTraq ID: 50372
Common Vulnerability Exposure (CVE) ID: CVE-2011-3315
Cisco Security Advisory: 20111026 Cisco Unified Communications Manager Directory Traversal Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucm
Cisco Security Advisory: 20111026 Cisco Unified Contact Center Express Directory Traversal Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccx
CopyrightCopyright (C) 2012 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.