CVE-2013-1224
Published May 9, 2013
Last updated 11 years ago
Overview
- Description
- Directory traversal vulnerability in the Resource Manager in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to overwrite arbitrary files via a crafted (1) HTTP or (2) HTTPS request that triggers incorrect parameter validation, aka Bug ID CSCub38369.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 6.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:C/A:N
Weaknesses
- nvd@nist.gov
- CWE-22
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2658963-C679-43C8-9A39-AC84F5EEE343",
"versionEndIncluding": "9.0\\(1\\)"
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:3.0:sr1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3FA84E2-8B3B-4C19-B135-535E58DF3847"
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:3.0:sr2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "44B2F5F0-DD35-463C-B73C-00B7911BCDD5"
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:3.6\\(10\\):es01:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36E1A7F5-4BA6-4C10-A85B-BB666C457BFC"
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B1D46F0-DEC9-418B-8973-6EC44201B0B8"
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:4.0\\(2\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE565A29-2DC7-4F4F-8E47-CB404E0AA5AF"
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:4.0\\(2\\):sr1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C54FFF1F-2991-46EA-90C9-319F47663699"
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "270E39D1-6F71-4C6F-AE91-B0A86057CCCF"
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6796545D-C15C-4ADA-8491-31FC26560809"
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:7.0\\(2\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9E51515-7E70-4199-8C99-D45F21D989B2"
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:8.0\\(1\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8805E471-95E0-45DF-A346-15F10EB281B4"
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:8.5\\(1\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6435E484-D475-49C6-8649-7BBD3728B08F"
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D6A6517-6F93-4B4B-91CB-9777EBAFF922"
}
],
"operator": "OR"
}
]
}
]