Vulnerability-Lookup - Search a vulnerability

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

FKIE_CVE-2009-1161

Vulnerability from fkie_nvd - Published: 2009-05-21 14:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.

References

URL	Tags
psirt@cisco.com	http://jvn.jp/en/jp/JVN62527913/index.html
psirt@cisco.com	http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html
psirt@cisco.com	http://osvdb.org/54616
psirt@cisco.com	http://secunia.com/advisories/35179
psirt@cisco.com	http://securitytracker.com/id?1022263
psirt@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml	Patch, Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/35040
psirt@cisco.com	http://www.vupen.com/english/advisories/2009/1390
af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN62527913/index.html
af854a3a-2127-422b-91ae-364da2661108	http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/54616
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35179
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1022263
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/35040
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1390

Impacted products

Vendor	Product	Version
cisco	ciscoworks_common_services	3.0.3
cisco	ciscoworks_common_services	3.0.4
cisco	ciscoworks_common_services	3.0.5
cisco	ciscoworks_common_services	3.0.6
cisco	ciscoworks_common_services	3.1
cisco	ciscoworks_common_services	3.1.1
cisco	ciscoworks_common_services	3.2
cisco	ciscoworks_health_and_utilization_monitor	1.0
cisco	ciscoworks_health_and_utilization_monitor	1.1
cisco	ciscoworks_lan_management_solution	2.5
cisco	ciscoworks_lan_management_solution	2.6
cisco	ciscoworks_lan_management_solution	3.0
cisco	ciscoworks_lan_management_solution	3.1
cisco	ciscoworks_qos_policy_manager	4.0
cisco	ciscoworks_qos_policy_manager	4.1
cisco	ciscoworks_voice_manager	3.0
cisco	ciscoworks_voice_manager	3.1
cisco	security_manager	3.0
cisco	security_manager	3.1
cisco	security_manager	3.2
cisco	telepresence_readiness_assessment_manager	1.0
cisco	unified_operations_manager	1.0
cisco	unified_operations_manager	1.1
cisco	unified_operations_manager	2.0
cisco	unified_operations_manager	2.1
cisco	unified_provisioning_manager	1.0
cisco	unified_provisioning_manager	1.1
cisco	unified_provisioning_manager	1.2
cisco	unified_provisioning_manager	1.3
cisco	unified_service_monitor	1.0
cisco	unified_service_monitor	1.1
cisco	unified_service_monitor	2.0
cisco	unified_service_monitor	2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.3:*:windows:*:*:*:*:*",
              "matchCriteriaId": "EFFC3AE9-1B61-44F8-938B-6363EDB2DD5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.4:*:windows:*:*:*:*:*",
              "matchCriteriaId": "1BB12692-8BCD-4601-83AE-12F1AFD1EF03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5:*:windows:*:*:*:*:*",
              "matchCriteriaId": "1017A34C-A119-41D4-AE10-1E35FAFF0547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6:*:windows:*:*:*:*:*",
              "matchCriteriaId": "5399066A-658B-4494-A291-DB20E0CE7687",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "BD8374C6-D8A3-43CB-A9F7-8A71CD69BE9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "DC455CA4-A1F7-4614-9A6F-ABCB0C9026E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.2:*:windows:*:*:*:*:*",
              "matchCriteriaId": "F5941482-DB47-49E8-90BA-650073C3A233",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_health_and_utilization_monitor:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CC556B9-7073-41E3-8099-00B796F8B68B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_health_and_utilization_monitor:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "87814504-DC6B-41CA-873E-F46B2F71A3FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB783DD2-C6B7-406B-9DC4-E1BC832D025C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "57CBDA0C-EE71-459C-AFA1-9879C6727287",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6CF9518-2D68-4E95-862B-54B622622B9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C446E75-5404-4875-AD94-DF953A7874FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_qos_policy_manager:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A30B25F2-2DEB-4254-88DB-FA31AB6CA04D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_qos_policy_manager:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F77163A8-3F2F-473F-B776-A155D94011DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_voice_manager:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1F143B9-20B4-4140-805F-5F709290D6E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_voice_manager:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "562CA8A8-C17E-4985-8EA0-E2CB61355FEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_manager:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE4D6E7-9884-4C7B-BD40-F8C08E78E93A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_manager:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "921F93B3-84A8-471B-9A3A-780C76BA3685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_manager:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4686AD6B-CAB3-4CE5-9B13-D30613C614CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_readiness_assessment_manager:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "668AEB8D-4923-4EAE-A67A-979D7B816108",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC421340-135D-45AD-8E59-F1B62805ABEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5510F4F-93C9-4722-97F5-37A05B48C23D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73FD728-7A22-4248-B4DA-62AB2704A411",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "930EA844-7016-4EC3-833D-70D1B1DE6DA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_provisioning_manager:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C453852A-D639-4872-B8FE-AE7E2BC019A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_provisioning_manager:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D4D4CAE-582C-47F5-A3D5-CC1D3BE00308",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_provisioning_manager:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0337CC9-B682-4135-B5C8-745B41474EBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_provisioning_manager:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "14FC0DD7-81A3-4294-ACA5-0F8B05E7CC49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_service_monitor:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A5A8958-B3DE-443B-921F-3AE25FFBF615",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_service_monitor:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B2F5BDC-A768-4A07-92A2-1C9DF484C3A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6041F558-D641-4067-BBC8-EC23D0A1ED18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "56101F5A-4099-4027-859D-07CFE598F1B5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de salto de directorio en el servicio TFTP en Cisco CiscoWorks Common Services (CWCS) v3.0.x hasta v3.2.x en Windows, tambi\u00e9n utilizado en Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager y otros productos, lo que permite atacantes remotos acceder a ficheros arbitrarios a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2009-1161",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-05-21T14:30:00.390",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/54616"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/35179"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://securitytracker.com/id?1022263"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/35040"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/1390"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/54616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1022263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/35040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1390"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2009-1161 (GCVE-0-2009-1161)

Vulnerability from cvelistv5 – Published: 2009-05-21 14:00 – Updated: 2024-08-07 05:04

Summary

Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

cisco

References

URL

Tags

	http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-0…	third-party-advisoryx_refsource_JVNDB
	http://www.cisco.com/en/US/products/products_secu…	vendor-advisoryx_refsource_CISCO
	http://www.securityfocus.com/bid/35040	vdb-entryx_refsource_BID
	http://jvn.jp/en/jp/JVN62527913/index.html	third-party-advisoryx_refsource_JVN
	http://osvdb.org/54616	vdb-entryx_refsource_OSVDB
	http://securitytracker.com/id?1022263	vdb-entryx_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2009/1390	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/35179	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:48.874Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "JVNDB-2009-000032",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
          },
          {
            "name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
          },
          {
            "name": "35040",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35040"
          },
          {
            "name": "JVN#62527913",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
          },
          {
            "name": "54616",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/54616"
          },
          {
            "name": "1022263",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1022263"
          },
          {
            "name": "ADV-2009-1390",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1390"
          },
          {
            "name": "35179",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35179"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-05-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-06-04T09:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "JVNDB-2009-000032",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
        },
        {
          "name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
        },
        {
          "name": "35040",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35040"
        },
        {
          "name": "JVN#62527913",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
        },
        {
          "name": "54616",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/54616"
        },
        {
          "name": "1022263",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1022263"
        },
        {
          "name": "ADV-2009-1390",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1390"
        },
        {
          "name": "35179",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35179"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-1161",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JVNDB-2009-000032",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
            },
            {
              "name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
            },
            {
              "name": "35040",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35040"
            },
            {
              "name": "JVN#62527913",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
            },
            {
              "name": "54616",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/54616"
            },
            {
              "name": "1022263",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1022263"
            },
            {
              "name": "ADV-2009-1390",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1390"
            },
            {
              "name": "35179",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35179"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-1161",
    "datePublished": "2009-05-21T14:00:00",
    "dateReserved": "2009-03-26T00:00:00",
    "dateUpdated": "2024-08-07T05:04:48.874Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1161 (GCVE-0-2009-1161)

Vulnerability from nvd – Published: 2009-05-21 14:00 – Updated: 2024-08-07 05:04

Summary

Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

cisco

References

URL

Tags

	http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-0…	third-party-advisoryx_refsource_JVNDB
	http://www.cisco.com/en/US/products/products_secu…	vendor-advisoryx_refsource_CISCO
	http://www.securityfocus.com/bid/35040	vdb-entryx_refsource_BID
	http://jvn.jp/en/jp/JVN62527913/index.html	third-party-advisoryx_refsource_JVN
	http://osvdb.org/54616	vdb-entryx_refsource_OSVDB
	http://securitytracker.com/id?1022263	vdb-entryx_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2009/1390	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/35179	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:48.874Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "JVNDB-2009-000032",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
          },
          {
            "name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
          },
          {
            "name": "35040",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35040"
          },
          {
            "name": "JVN#62527913",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
          },
          {
            "name": "54616",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/54616"
          },
          {
            "name": "1022263",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1022263"
          },
          {
            "name": "ADV-2009-1390",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1390"
          },
          {
            "name": "35179",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35179"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-05-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-06-04T09:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "JVNDB-2009-000032",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
        },
        {
          "name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
        },
        {
          "name": "35040",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35040"
        },
        {
          "name": "JVN#62527913",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
        },
        {
          "name": "54616",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/54616"
        },
        {
          "name": "1022263",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1022263"
        },
        {
          "name": "ADV-2009-1390",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1390"
        },
        {
          "name": "35179",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35179"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-1161",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JVNDB-2009-000032",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
            },
            {
              "name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
            },
            {
              "name": "35040",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35040"
            },
            {
              "name": "JVN#62527913",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
            },
            {
              "name": "54616",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/54616"
            },
            {
              "name": "1022263",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1022263"
            },
            {
              "name": "ADV-2009-1390",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1390"
            },
            {
              "name": "35179",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35179"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-1161",
    "datePublished": "2009-05-21T14:00:00",
    "dateReserved": "2009-03-26T00:00:00",
    "dateUpdated": "2024-08-07T05:04:48.874Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

3 vulnerabilities found for ciscoworks_qos_policy_manager by cisco

FKIE_CVE-2009-1161

CVE-2009-1161 (GCVE-0-2009-1161)

CVE-2009-1161 (GCVE-0-2009-1161)