Search criteria

9 vulnerabilities found for unified_ip_ivr by cisco

FKIE_CVE-2011-3315

Vulnerability from fkie_nvd - Published: 2011-10-27 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucmVendor Advisory
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccxVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucmVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccxVendor Advisory
Impacted products
Vendor Product Version
cisco unified_ip_interactive_voice_response -
cisco unified_ip_ivr 6.0\(1\)
cisco unified_ip_ivr 7.0\(1\)
cisco unified_ip_ivr 7.0\(2\)
cisco unified_ip_ivr 8.0\(1\)
cisco unified_ip_ivr 8.0\(2\)
cisco unified_ip_ivr 8.5\(1\)
cisco unified_ccx 6.0\(1\)
cisco unified_ccx 7.0\(1\)
cisco unified_ccx 7.0\(2\)
cisco unified_ccx 8.0\(1\)
cisco unified_ccx 8.0\(2\)
cisco unified_ccx 8.5\(1\)
cisco unified_communications_manager 5.0
cisco unified_communications_manager 5.1
cisco unified_communications_manager 5.1\(1\)
cisco unified_communications_manager 5.1\(1b\)
cisco unified_communications_manager 5.1\(1c\)
cisco unified_communications_manager 5.1\(2\)
cisco unified_communications_manager 5.1\(2a\)
cisco unified_communications_manager 5.1\(2b\)
cisco unified_communications_manager 5.1\(3\)
cisco unified_communications_manager 5.1\(3a\)
cisco unified_communications_manager 5.1\(3c\)
cisco unified_communications_manager 5.1\(3d\)
cisco unified_communications_manager 5.1\(3e\)
cisco unified_communications_manager 5.1.2
cisco unified_communications_manager 6.0
cisco unified_communications_manager 6.1\(1\)
cisco unified_communications_manager 6.1\(1a\)
cisco unified_communications_manager 6.1\(1b\)
cisco unified_communications_manager 6.1\(2\)
cisco unified_communications_manager 6.1\(2\)su1
cisco unified_communications_manager 6.1\(2\)su1a
cisco unified_communications_manager 6.1\(3\)
cisco unified_communications_manager 6.1\(3a\)
cisco unified_communications_manager 6.1\(3b\)
cisco unified_communications_manager 6.1\(3b\)su1
cisco unified_communications_manager 6.1\(4\)
cisco unified_communications_manager 6.1\(4\)su1
cisco unified_communications_manager 6.1\(4a\)
cisco unified_communications_manager 6.1\(4a\)su2
cisco unified_communications_manager 6.1\(5\)
cisco unified_communications_manager 6.1\(5\)su1
cisco unified_communications_manager 7.0\(1\)su1
cisco unified_communications_manager 7.0\(1\)su1a
cisco unified_communications_manager 7.0\(2\)
cisco unified_communications_manager 7.0\(2a\)
cisco unified_communications_manager 7.0\(2a\)su1
cisco unified_communications_manager 7.0\(2a\)su2
cisco unified_communications_manager 7.1\(2a\)
cisco unified_communications_manager 7.1\(2a\)su1
cisco unified_communications_manager 7.1\(2b\)
cisco unified_communications_manager 7.1\(2b\)su1
cisco unified_communications_manager 7.1\(3\)
cisco unified_communications_manager 7.1\(3a\)
cisco unified_communications_manager 7.1\(3a\)su1
cisco unified_communications_manager 7.1\(3a\)su1a
cisco unified_communications_manager 7.1\(3b\)
cisco unified_communications_manager 7.1\(3b\)su1
cisco unified_communications_manager 7.1\(3b\)su2
cisco unified_communications_manager 7.1\(5\)
cisco unified_communications_manager 7.1\(5\)su1
cisco unified_communications_manager 7.1\(5\)su1a
cisco unified_communications_manager 7.1\(5a\)
cisco unified_communications_manager 7.1\(5b\)
cisco unified_communications_manager 7.1\(5b\)su1
cisco unified_communications_manager 7.1\(5b\)su1a
cisco unified_communications_manager 8.0
cisco unified_communications_manager 8.0\(1\)
cisco unified_communications_manager 8.0\(2\)
cisco unified_communications_manager 8.0\(2a\)
cisco unified_communications_manager 8.0\(2b\)
cisco unified_communications_manager 8.0\(2c\)
cisco unified_communications_manager 8.0\(2c\)su1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_interactive_voice_response:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A0811D-F2CF-40FC-81D2-94A5ED94919B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:6.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E8AC426E-23CD-482C-B685-74E878BAC6CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:7.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "53C79246-3D29-4A8E-94DD-8771964B7E4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:7.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "42BEC70D-CF5E-4502-A8F4-4E33BD8211B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:8.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "342BA247-E04A-4A9A-BC7B-F517F59737A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:8.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "880CF3B2-091F-4D3C-8D92-67600C317F2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:8.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0F55067A-877D-46F3-8125-8F19C221D90B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:6.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DBAF3470-5AF5-4B26-AA92-A92E908A52E4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:7.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A8CDC6A2-319F-4C83-8042-BEF6C9FD1C2B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:7.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "947A904F-0C92-4ECF-9274-82B1F384E9F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:8.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F7A63A8E-5C77-4FA9-BFCE-EDD840592D55",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:8.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "88373C07-1C93-46B4-8D46-9D790262764C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:8.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B9235568-323C-4060-8E7D-2CDC9C19DDAA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2AF68FA-433F-46F2-B309-B60A108BECFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "640BFEE2-B364-411E-B641-7471B88ED7CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1B9FDFF3-2E60-4E41-9251-93283D945D94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(1b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1022C151-6EC8-4E8D-85ED-59D51551BDAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(1c\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "060593BD-ADC1-4282-BC6D-E0D6A2B7C8D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "239510AD-8BB0-4515-B1DA-80DE696D25DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(2a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "26277C4A-4E27-492C-B18C-AC68D86ADF55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(2b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9003EC1A-6E85-41F1-BB5D-B841C9C28105",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0318CF61-B892-4D44-B41A-D630B4AB808C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(3a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9CDA8A78-BA6C-4451-8EAA-B83C3A6C6BA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(3c\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "84A49932-1E22-4BE0-8195-926D44F65AAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(3d\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4DE1B0DD-EA64-493B-86B7-9057EE5033C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(3e\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "00ECD7C0-7F3C-4021-B949-32141E58687C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E51D8BF-12BB-4DD1-9232-1D066889B30F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "819AE879-5BF9-494E-8905-1E1E867EB5A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6CC94003-72B6-45C3-A07E-0A08F1562B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(1a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "958A2707-0F1A-4719-BB9F-DC9ED129105A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(1b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "48A8EE9A-458D-4619-B04D-F01A9934DC11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "597D9674-F44D-4A31-A2F2-2790ED698A91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(2\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C2B7439-8547-41A6-AE6C-6ABCD167890E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(2\\)su1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3EB2A0-6907-4260-BBF1-D8E6E40827FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BE122F76-ECDB-4446-825C-EF02257D8C08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(3a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "44280E56-C151-4C08-804D-001F91FF2AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(3b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BD968A56-9539-4699-9099-0F220D283CB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(3b\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4CEBB9B-2B43-44C2-BC93-55E58C24CED4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FE2597F4-9B5B-4E2E-8DA5-40D769CC57B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(4\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "665ACEFC-B989-42AB-BAB4-2C273CF2B702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(4a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4F9ABF04-C732-4509-8589-F58E1D5F66E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(4a\\)su2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D899431-7C91-4CB4-9CBA-D5BA34B7B330",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FC13697F-84A3-4793-B82E-6E8857B4FC3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(5\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC24D57B-3D0C-486D-83CB-A4E419CA9626",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(1\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "72C54A10-998C-435F-B058-A6879CD608A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(1\\)su1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D81D69D5-E669-4DBC-A76B-E9C30A239A2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FCB47159-FA07-4317-B562-D7AB7C49E8F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(2a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8765E016-7C6F-4C36-A22C-78ED8666F7E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(2a\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B3D5254-3E67-452E-ADB3-204A66765952",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(2a\\)su2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3680AB-CEF8-4C2C-A46B-C9009E6A6590",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(2a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B591E75E-040C-4D26-AF13-A4F87E048579",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(2a\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F22B2CDE-DB49-402D-8BF2-B9458D907DDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(2b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "18986D7E-E1E6-46EB-A247-2A98224FC122",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(2b\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFAAC2E8-B548-4940-9492-DEAB574E7CF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "46BDD926-7F96-46C5-AD9C-40B7D3C78340",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7BA63076-B8A1-4672-99F3-703F7838F3A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3a\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EADE6FA-40F8-4BEB-ABDB-77D4C0E587BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3a\\)su1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F84676C-75A5-48D2-889D-B48EC724336F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2EA15D48-A0DE-4091-8C78-666E98B488C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3b\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3038823F-C32D-4C1B-8228-D14B35535297",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3b\\)su2:*:*:*:*:*:*:*",
              "matchCriteriaId": "617E82C3-1CB1-46B2-BCFE-94BF9DBDD1D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2ECDCE1A-176D-46E0-9C39-19FAD7B57892",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6856A2A-55F4-4785-BEC1-54295D7D9CD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5\\)su1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "2727998A-ED1F-4EFE-9952-7DA8486706D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F61FD826-A08E-477C-AA57-359B10387035",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7A9EDB91-350B-4ED4-A177-257023380C44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5b\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CBA6140-CEF7-4990-9A1E-76F02607BA84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5b\\)su1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DCF2F2A-DF52-4BD8-A56B-B4E91CD1D1E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "248E4608-B870-4913-8048-3771685CBD77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "52D7EECA-322E-48E4-9682-6C3C39B64B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "547E3100-EFBF-4F30-8D9E-81F8B79D9F9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(2a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BCE55716-ACB7-411B-B708-415D4DB1D8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(2b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "916C8A47-B3DA-42C0-BE2F-041269F79CF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(2c\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C09FE52A-E0AF-4B0F-A44E-4362E26A88D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(2c\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9AD0704-6F85-4E64-88D4-73E8BB2BEF4E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de salto de directorio en Cisco Unified Communications Manager (CUCM) v5.x y v6.x anterior v6.1(5)SU2, v7.x anterior v7.1(5b)SU2 y v8.x anterior v8.0(3), y Cisco Unified Contact Center Express (tambi\u00e9n conocido como Unified CCX o UCCX) y Cisco Unified IP Interactive Voice Response (Unified IP-IVR) anterior a v6.0(1)SR1ES8, v7.0(x) anterior a v7.0(2)ES1, v8.0(x) hasta v8.0(2)SU3, y v8.5(x) anterior a v8.5(1)SU2, permite a atacantes remotos leer ficheros arbitrarios mediante una URL especialmente dise\u00f1ada, tambi\u00e9n conocido como Bug IDs CSCth09343 y CSCts44049."
    }
  ],
  "id": "CVE-2011-3315",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 7.8,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-10-27T21:55:00.823",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucm"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccx"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2009-2048

Vulnerability from fkie_nvd - Published: 2009-07-16 15:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors.
References
psirt@cisco.comhttp://osvdb.org/55937
psirt@cisco.comhttp://secunia.com/advisories/35861
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtmlPatch, Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/35705
psirt@cisco.comhttp://www.securitytracker.com/id?1022569
psirt@cisco.comhttp://www.vupen.com/english/advisories/2009/1913
psirt@cisco.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/51730
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/55937
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35861
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/35705
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022569
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1913
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/51730
Impacted products
Vendor Product Version
cisco crs 3.5
cisco crs 4.0
cisco crs 4.1
cisco crs 4.5
cisco crs 5.0
cisco crs 6.0
cisco crs 7.0
cisco customer_response_applications 3.5
cisco ip_qm 3.5
cisco unified_ccx 3.5
cisco unified_ccx 4.0\(1\)
cisco unified_ccx 4.0\(3\)
cisco unified_ccx 4.0\(4\)
cisco unified_ccx 4.0\(5\)
cisco unified_ccx 4.0\(5a\)
cisco unified_ccx 4.5\(1\)
cisco unified_ccx 4.5\(2\)
cisco unified_ccx 5.0\(1\)
cisco unified_ccx 6.0\(1\)
cisco unified_ccx 7.0\(1\)
cisco unified_ip_contact_center_express 3.0
cisco unified_ip_contact_center_express 5.0\(1\)
cisco unified_ip_contact_center_express 6.0\(1\)
cisco unified_ip_contact_center_express 7.0
cisco unified_ip_ivr 3.0
cisco unified_ip_ivr 3.1
cisco unified_ip_ivr 4.0
cisco unified_ip_ivr 4.1
cisco unified_ip_ivr 4.5
cisco unified_ip_ivr 5.0
cisco unified_ip_ivr 6.0
cisco unified_ip_ivr 7.0
cisco unified_ip_ivr 7.0\(1\)
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:crs:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C6F8BA2-EA5E-4E90-8390-2D29E8FAB4AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crs:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E010B8C0-06BF-42C9-8AE6-8A0A6696EC9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crs:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "98203DF7-2B21-4D7F-B32C-E9E6C24E1A9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crs:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "629B1A0E-A13F-4209-B070-960392893299",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crs:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6B9D0-5F88-4F48-A313-D478FB9919FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crs:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F979F18-29A6-433C-91A4-0042EC275CF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crs:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F6008EC-FB15-43B3-8B09-3BFB28536EC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:customer_response_applications:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5DC9FD7-0716-456C-895F-74BC7866C520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ip_qm:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BC0CC96-C3DD-4564-8323-3EAB9ACBFF45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD62E8B9-9715-4217-864F-C54F1DEE835F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:4.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "32F36940-BF16-4C7C-A24C-D923AF333709",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:4.0\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F2BE86CE-EF95-4841-B145-DFA4D0E0EF4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:4.0\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "369C0FF7-BC46-400E-AC61-F97BAFDE14FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:4.0\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6883E046-DA9D-4402-A22B-31140D6C8054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:4.0\\(5a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "ED3C91A3-E343-4FAC-85D7-649C7ECE6E64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:4.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "51E21F75-530E-4399-B8EC-1E933711D6E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:4.5\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6273D50B-8D2B-4F5A-B4F3-2CC86F5B730F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:5.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AB3F5DF8-E9A7-4812-8677-BDCE4679ED9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:6.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DBAF3470-5AF5-4B26-AA92-A92E908A52E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:7.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A8CDC6A2-319F-4C83-8042-BEF6C9FD1C2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_contact_center_express:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA09955E-62F4-4098-8FFF-C61D33EB8AB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_contact_center_express:5.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA8057F-7E31-4F9D-992E-621DCD7C4089",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_contact_center_express:6.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1568EE5B-716D-439B-9017-8498C9353B4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_contact_center_express:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCFA9981-ED56-4D5B-AF82-1BCC551FE02A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "71082BE9-AF48-460A-9127-4D5D6DBA02F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDFDB400-1557-4A6D-A40F-00271A666A0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E744A286-EA75-4E20-8503-12217FE0F03E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4B5083B-0782-4668-B88A-A6DB65A4AFCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3782F66-76E2-4912-AA16-CB552A8C4ED5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A26B5F10-147A-4C32-BE98-F24407E4973F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1E4FAEE-BE07-45D8-A7F4-92668CA9BF8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "73CA4024-4F80-466A-9383-9A68E2FAC995",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:7.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "53C79246-3D29-4A8E-94DD-8771964B7E4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados - XSS - en el interfaz de administraci\u00f3n en Cisco Customer Response Solutions (CRS) anteriores a v7.0(1) SR2 en el servidor Cisco Unified Contact Center Express (tambi\u00e9n conocido como CCX) permite a los usuarios remotos autenticado inyectar arbitrariamente una secuencia de comandos web o HTML en la base de datos CCX a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2009-2048",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-07-16T15:30:00.767",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/55937"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/35861"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/35705"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1022569"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/1913"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/55937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35861"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/35705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022569"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2009-2047

Vulnerability from fkie_nvd - Published: 2009-07-16 15:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors.
References
psirt@cisco.comhttp://osvdb.org/55936
psirt@cisco.comhttp://secunia.com/advisories/35861
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtmlPatch, Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/35706Patch
psirt@cisco.comhttp://www.securitytracker.com/id?1022569
psirt@cisco.comhttp://www.vupen.com/english/advisories/2009/1913
psirt@cisco.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/51731
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/55936
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35861
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/35706Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022569
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1913
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/51731
Impacted products
Vendor Product Version
cisco crs 3.5
cisco crs 4.0
cisco crs 4.1
cisco crs 4.5
cisco crs 5.0
cisco crs 6.0
cisco crs 7.0
cisco customer_response_applications 3.5
cisco ip_qm 3.5
cisco unified_ccx 3.5
cisco unified_ccx 4.0\(1\)
cisco unified_ccx 4.0\(3\)
cisco unified_ccx 4.0\(4\)
cisco unified_ccx 4.0\(5\)
cisco unified_ccx 4.0\(5a\)
cisco unified_ccx 4.5\(1\)
cisco unified_ccx 4.5\(2\)
cisco unified_ccx 5.0\(1\)
cisco unified_ccx 6.0\(1\)
cisco unified_ccx 7.0\(1\)
cisco unified_ip_contact_center_express 3.0
cisco unified_ip_contact_center_express 5.0\(1\)
cisco unified_ip_contact_center_express 6.0\(1\)
cisco unified_ip_contact_center_express 7.0
cisco unified_ip_ivr 3.0
cisco unified_ip_ivr 3.1
cisco unified_ip_ivr 4.0
cisco unified_ip_ivr 4.1
cisco unified_ip_ivr 4.5
cisco unified_ip_ivr 5.0
cisco unified_ip_ivr 6.0
cisco unified_ip_ivr 7.0
cisco unified_ip_ivr 7.0\(1\)
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:crs:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C6F8BA2-EA5E-4E90-8390-2D29E8FAB4AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crs:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E010B8C0-06BF-42C9-8AE6-8A0A6696EC9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crs:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "98203DF7-2B21-4D7F-B32C-E9E6C24E1A9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crs:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "629B1A0E-A13F-4209-B070-960392893299",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crs:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6B9D0-5F88-4F48-A313-D478FB9919FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crs:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F979F18-29A6-433C-91A4-0042EC275CF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:crs:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F6008EC-FB15-43B3-8B09-3BFB28536EC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:customer_response_applications:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5DC9FD7-0716-456C-895F-74BC7866C520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ip_qm:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BC0CC96-C3DD-4564-8323-3EAB9ACBFF45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD62E8B9-9715-4217-864F-C54F1DEE835F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:4.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "32F36940-BF16-4C7C-A24C-D923AF333709",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:4.0\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F2BE86CE-EF95-4841-B145-DFA4D0E0EF4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:4.0\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "369C0FF7-BC46-400E-AC61-F97BAFDE14FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:4.0\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6883E046-DA9D-4402-A22B-31140D6C8054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:4.0\\(5a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "ED3C91A3-E343-4FAC-85D7-649C7ECE6E64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:4.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "51E21F75-530E-4399-B8EC-1E933711D6E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:4.5\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6273D50B-8D2B-4F5A-B4F3-2CC86F5B730F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:5.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AB3F5DF8-E9A7-4812-8677-BDCE4679ED9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:6.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DBAF3470-5AF5-4B26-AA92-A92E908A52E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ccx:7.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A8CDC6A2-319F-4C83-8042-BEF6C9FD1C2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_contact_center_express:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA09955E-62F4-4098-8FFF-C61D33EB8AB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_contact_center_express:5.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA8057F-7E31-4F9D-992E-621DCD7C4089",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_contact_center_express:6.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1568EE5B-716D-439B-9017-8498C9353B4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_contact_center_express:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCFA9981-ED56-4D5B-AF82-1BCC551FE02A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "71082BE9-AF48-460A-9127-4D5D6DBA02F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDFDB400-1557-4A6D-A40F-00271A666A0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E744A286-EA75-4E20-8503-12217FE0F03E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4B5083B-0782-4668-B88A-A6DB65A4AFCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3782F66-76E2-4912-AA16-CB552A8C4ED5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A26B5F10-147A-4C32-BE98-F24407E4973F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1E4FAEE-BE07-45D8-A7F4-92668CA9BF8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "73CA4024-4F80-466A-9383-9A68E2FAC995",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_ip_ivr:7.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "53C79246-3D29-4A8E-94DD-8771964B7E4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de salto de directorio en el interfaz de administraci\u00f3n en Cisco Customer Response Solutions (CRS) anteriores a v7.0(1) SR2 en el servidor Cisco Unified Contact Center Express (tambi\u00e9n conocido como CCX) permite a los usuarios remotos autenticados leer, modificar y borrar ficheros arbitrarios a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2009-2047",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-07-16T15:30:00.750",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/55936"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/35861"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/35706"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1022569"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/1913"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/55936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35861"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/35706"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022569"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2011-3315 (GCVE-0-2011-3315)

Vulnerability from cvelistv5 – Published: 2011-10-27 21:00 – Updated: 2024-09-17 02:31
VLAI?
Summary
Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:29:56.698Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20111026 Cisco Unified Communications Manager Directory Traversal Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucm"
          },
          {
            "name": "20111026 Cisco Unified Contact Center Express Directory Traversal Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccx"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-10-27T21:00:00Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20111026 Cisco Unified Communications Manager Directory Traversal Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucm"
        },
        {
          "name": "20111026 Cisco Unified Contact Center Express Directory Traversal Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccx"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2011-3315",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20111026 Cisco Unified Communications Manager Directory Traversal Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucm"
            },
            {
              "name": "20111026 Cisco Unified Contact Center Express Directory Traversal Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccx"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2011-3315",
    "datePublished": "2011-10-27T21:00:00Z",
    "dateReserved": "2011-08-29T00:00:00Z",
    "dateUpdated": "2024-09-17T02:31:56.728Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-2048 (GCVE-0-2009-2048)

Vulnerability from cvelistv5 – Published: 2009-07-16 15:00 – Updated: 2024-08-07 05:36
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securitytracker.com/id?1022569 vdb-entryx_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://secunia.com/advisories/35861 third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/55937 vdb-entryx_refsource_OSVDB
http://www.vupen.com/english/advisories/2009/1913 vdb-entryx_refsource_VUPEN
http://www.securityfocus.com/bid/35705 vdb-entryx_refsource_BID
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:36:20.948Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1022569",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022569"
          },
          {
            "name": "unified-ccx-interface-xss(51730)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
          },
          {
            "name": "35861",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35861"
          },
          {
            "name": "55937",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/55937"
          },
          {
            "name": "ADV-2009-1913",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1913"
          },
          {
            "name": "35705",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35705"
          },
          {
            "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-07-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1022569",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022569"
        },
        {
          "name": "unified-ccx-interface-xss(51730)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
        },
        {
          "name": "35861",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35861"
        },
        {
          "name": "55937",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/55937"
        },
        {
          "name": "ADV-2009-1913",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1913"
        },
        {
          "name": "35705",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35705"
        },
        {
          "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-2048",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1022569",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022569"
            },
            {
              "name": "unified-ccx-interface-xss(51730)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
            },
            {
              "name": "35861",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35861"
            },
            {
              "name": "55937",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/55937"
            },
            {
              "name": "ADV-2009-1913",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1913"
            },
            {
              "name": "35705",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35705"
            },
            {
              "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-2048",
    "datePublished": "2009-07-16T15:00:00",
    "dateReserved": "2009-06-12T00:00:00",
    "dateUpdated": "2024-08-07T05:36:20.948Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-2047 (GCVE-0-2009-2047)

Vulnerability from cvelistv5 – Published: 2009-07-16 15:00 – Updated: 2024-08-07 05:36
VLAI?
Summary
Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securitytracker.com/id?1022569 vdb-entryx_refsource_SECTRACK
http://secunia.com/advisories/35861 third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/35706 vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2009/1913 vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
http://osvdb.org/55936 vdb-entryx_refsource_OSVDB
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:36:20.764Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1022569",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022569"
          },
          {
            "name": "35861",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35861"
          },
          {
            "name": "35706",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35706"
          },
          {
            "name": "ADV-2009-1913",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1913"
          },
          {
            "name": "unified-ccx-interface-directory-traversal(51731)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
          },
          {
            "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
          },
          {
            "name": "55936",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/55936"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-07-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1022569",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022569"
        },
        {
          "name": "35861",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35861"
        },
        {
          "name": "35706",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35706"
        },
        {
          "name": "ADV-2009-1913",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1913"
        },
        {
          "name": "unified-ccx-interface-directory-traversal(51731)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
        },
        {
          "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
        },
        {
          "name": "55936",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/55936"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-2047",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1022569",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022569"
            },
            {
              "name": "35861",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35861"
            },
            {
              "name": "35706",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35706"
            },
            {
              "name": "ADV-2009-1913",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1913"
            },
            {
              "name": "unified-ccx-interface-directory-traversal(51731)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
            },
            {
              "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
            },
            {
              "name": "55936",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/55936"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-2047",
    "datePublished": "2009-07-16T15:00:00",
    "dateReserved": "2009-06-12T00:00:00",
    "dateUpdated": "2024-08-07T05:36:20.764Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-3315 (GCVE-0-2011-3315)

Vulnerability from nvd – Published: 2011-10-27 21:00 – Updated: 2024-09-17 02:31
VLAI?
Summary
Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:29:56.698Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20111026 Cisco Unified Communications Manager Directory Traversal Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucm"
          },
          {
            "name": "20111026 Cisco Unified Contact Center Express Directory Traversal Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccx"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-10-27T21:00:00Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20111026 Cisco Unified Communications Manager Directory Traversal Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucm"
        },
        {
          "name": "20111026 Cisco Unified Contact Center Express Directory Traversal Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccx"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2011-3315",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20111026 Cisco Unified Communications Manager Directory Traversal Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucm"
            },
            {
              "name": "20111026 Cisco Unified Contact Center Express Directory Traversal Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccx"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2011-3315",
    "datePublished": "2011-10-27T21:00:00Z",
    "dateReserved": "2011-08-29T00:00:00Z",
    "dateUpdated": "2024-09-17T02:31:56.728Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-2048 (GCVE-0-2009-2048)

Vulnerability from nvd – Published: 2009-07-16 15:00 – Updated: 2024-08-07 05:36
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securitytracker.com/id?1022569 vdb-entryx_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://secunia.com/advisories/35861 third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/55937 vdb-entryx_refsource_OSVDB
http://www.vupen.com/english/advisories/2009/1913 vdb-entryx_refsource_VUPEN
http://www.securityfocus.com/bid/35705 vdb-entryx_refsource_BID
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:36:20.948Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1022569",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022569"
          },
          {
            "name": "unified-ccx-interface-xss(51730)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
          },
          {
            "name": "35861",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35861"
          },
          {
            "name": "55937",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/55937"
          },
          {
            "name": "ADV-2009-1913",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1913"
          },
          {
            "name": "35705",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35705"
          },
          {
            "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-07-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1022569",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022569"
        },
        {
          "name": "unified-ccx-interface-xss(51730)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
        },
        {
          "name": "35861",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35861"
        },
        {
          "name": "55937",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/55937"
        },
        {
          "name": "ADV-2009-1913",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1913"
        },
        {
          "name": "35705",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35705"
        },
        {
          "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-2048",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1022569",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022569"
            },
            {
              "name": "unified-ccx-interface-xss(51730)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
            },
            {
              "name": "35861",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35861"
            },
            {
              "name": "55937",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/55937"
            },
            {
              "name": "ADV-2009-1913",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1913"
            },
            {
              "name": "35705",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35705"
            },
            {
              "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-2048",
    "datePublished": "2009-07-16T15:00:00",
    "dateReserved": "2009-06-12T00:00:00",
    "dateUpdated": "2024-08-07T05:36:20.948Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-2047 (GCVE-0-2009-2047)

Vulnerability from nvd – Published: 2009-07-16 15:00 – Updated: 2024-08-07 05:36
VLAI?
Summary
Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securitytracker.com/id?1022569 vdb-entryx_refsource_SECTRACK
http://secunia.com/advisories/35861 third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/35706 vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2009/1913 vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
http://osvdb.org/55936 vdb-entryx_refsource_OSVDB
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:36:20.764Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1022569",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022569"
          },
          {
            "name": "35861",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35861"
          },
          {
            "name": "35706",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35706"
          },
          {
            "name": "ADV-2009-1913",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1913"
          },
          {
            "name": "unified-ccx-interface-directory-traversal(51731)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
          },
          {
            "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
          },
          {
            "name": "55936",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/55936"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-07-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1022569",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022569"
        },
        {
          "name": "35861",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35861"
        },
        {
          "name": "35706",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35706"
        },
        {
          "name": "ADV-2009-1913",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1913"
        },
        {
          "name": "unified-ccx-interface-directory-traversal(51731)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
        },
        {
          "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
        },
        {
          "name": "55936",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/55936"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-2047",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1022569",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022569"
            },
            {
              "name": "35861",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35861"
            },
            {
              "name": "35706",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35706"
            },
            {
              "name": "ADV-2009-1913",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1913"
            },
            {
              "name": "unified-ccx-interface-directory-traversal(51731)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
            },
            {
              "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
            },
            {
              "name": "55936",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/55936"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-2047",
    "datePublished": "2009-07-16T15:00:00",
    "dateReserved": "2009-06-12T00:00:00",
    "dateUpdated": "2024-08-07T05:36:20.764Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}