Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-1161

Опубликовано: 21 мая 2009
Источник: nvd
CVSS2: 10
EPSS Низкий

Описание

Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:cisco:ciscoworks_common_services:3.0.3:*:windows:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.0.4:*:windows:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5:*:windows:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6:*:windows:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.1:*:windows:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1:*:windows:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.2:*:windows:*:*:*:*:*

Одно из

cpe:2.3:a:cisco:ciscoworks_health_and_utilization_monitor:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_health_and_utilization_monitor:1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.5:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.6:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_qos_policy_manager:4.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_qos_policy_manager:4.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_voice_manager:3.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_voice_manager:3.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:security_manager:3.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:security_manager:3.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:security_manager:3.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_readiness_assessment_manager:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_operations_manager:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_operations_manager:1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_operations_manager:2.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_operations_manager:2.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_provisioning_manager:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_provisioning_manager:1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_provisioning_manager:1.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_provisioning_manager:1.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_service_monitor:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_service_monitor:1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_service_monitor:2.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_service_monitor:2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 80%
0.01439
Низкий

10 Critical

CVSS2

Дефекты

CWE-22

Связанные уязвимости

github логотип

GHSA-p549-g2jj-vm8x

github
почти 4 года назад

Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.

EPSS

Процентиль: 80%
0.01439
Низкий

10 Critical

CVSS2

Дефекты

CWE-22