Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-1224

Опубликовано: 09 мая 2013
Источник: nvd
CVSS2: 7.8
EPSS Низкий

Описание

Directory traversal vulnerability in the Resource Manager in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to overwrite arbitrary files via a crafted (1) HTTP or (2) HTTPS request that triggers incorrect parameter validation, aka Bug ID CSCub38369.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cisco:unified_customer_voice_portal:*:*:*:*:*:*:*:*
Версия до 9.0\(1\) (включая)
cpe:2.3:a:cisco:unified_customer_voice_portal:3.0:sr1:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_customer_voice_portal:3.0:sr2:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_customer_voice_portal:3.6\(10\):es01:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_customer_voice_portal:4.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_customer_voice_portal:4.0\(2\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_customer_voice_portal:4.0\(2\):sr1:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_customer_voice_portal:4.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_customer_voice_portal:7.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_customer_voice_portal:7.0\(2\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_customer_voice_portal:8.0\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_customer_voice_portal:8.5\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_customer_voice_portal:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 53%
0.00306
Низкий

7.8 High

CVSS2

Дефекты

CWE-22

Связанные уязвимости

github логотип

GHSA-94x3-94ph-mg4c

github
больше 3 лет назад

Directory traversal vulnerability in the Resource Manager in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to overwrite arbitrary files via a crafted (1) HTTP or (2) HTTPS request that triggers incorrect parameter validation, aka Bug ID CSCub38369.

EPSS

Процентиль: 53%
0.00306
Низкий

7.8 High

CVSS2

Дефекты

CWE-22