Directory traversal vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5b)su3, 8.0 before 8.0(3a)su1, and 8.5 before 8.5(1) allows remote authenticated users to upload files to arbitrary directories via a modified pathname in an upload request, aka Bug ID CSCti81603.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 Nov 2024, 01:26
Type | Values Removed | Values Added |
---|---|---|
References | () http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0051.html - | |
References | () http://secunia.com/advisories/44331 - | |
References | () http://www.cisco.com/en/US/products/products_security_advisory09186a0080b79904.shtml - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/47608 - | |
References | () http://www.securitytracker.com/id?1025449 - | |
References | () http://www.vupen.com/english/advisories/2011/1122 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/67127 - |
Information
Published : 2011-05-03 22:55
Updated : 2024-11-21 01:26
NVD link : CVE-2011-1607
Mitre link : CVE-2011-1607
CVE.ORG link : CVE-2011-1607
JSON object : View
Products Affected
cisco
- unified_communications_manager
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')