CVE-2009-1161

Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:cisco:ciscoworks_common_services:3.0.3:*:windows:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.0.4:*:windows:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5:*:windows:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6:*:windows:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.1:*:windows:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1:*:windows:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.2:*:windows:*:*:*:*:*
OR cpe:2.3:a:cisco:ciscoworks_health_and_utilization_monitor:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_health_and_utilization_monitor:1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.5:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.6:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_qos_policy_manager:4.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_qos_policy_manager:4.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_voice_manager:3.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_voice_manager:3.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:security_manager:3.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:security_manager:3.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:security_manager:3.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_readiness_assessment_manager:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_operations_manager:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_operations_manager:1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_operations_manager:2.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_operations_manager:2.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_provisioning_manager:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_provisioning_manager:1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_provisioning_manager:1.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_provisioning_manager:1.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_service_monitor:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_service_monitor:1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_service_monitor:2.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_service_monitor:2.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2009-05-21 14:30

Updated : 2024-02-28 11:21


NVD link : CVE-2009-1161

Mitre link : CVE-2009-1161

CVE.ORG link : CVE-2009-1161


JSON object : View

Products Affected

cisco

  • ciscoworks_qos_policy_manager
  • ciscoworks_common_services
  • ciscoworks_lan_management_solution
  • ciscoworks_health_and_utilization_monitor
  • ciscoworks_voice_manager
  • unified_service_monitor
  • telepresence_readiness_assessment_manager
  • unified_provisioning_manager
  • unified_operations_manager
  • security_manager
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')