Информационная безопасность
[RU] switch to English


Обратный путь в каталогах Cisco Unified Communications Manager / Cisco Unified Contact Center Express
дополнено с 31 октября 2011 г.
Опубликовано:11 ноября 2011 г.
Источник:
SecurityVulns ID:12003
Тип:удаленная
Уровень опасности:
5/10
Описание:Обратный путь в каталогах во встроенных веб-службах на портах TCP/8080 и TCP/9080.
Затронутые продукты:CISCO : Unified Communications Manager 6.1
 CISCO : Unified Communications Manager 7.1
 CISCO : Unified Communications Manager 8.0
 CISCO : Unified Communications Manager 8.5
 CISCO : Unified Contact Center Express 6.0
 CISCO : Unified Contact Center Express 7.0
 CISCO : Unified Contact Center Express 8.0
 CISCO : Unified Contact Center Express 8.5
CVE:CVE-2011-3315 (Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049.)
Оригинальный текстdocumententomology, Cisco CUCM - Multiple Vulnerabilities (11.11.2011)
 documentddivulnalert_(at)_ddifrontline.com, DDIVRT-2011-35 Cisco Unified Contact Center Express Directory Traversal [CVE-2011-3315] (31.10.2011)
 documentCISCO, Cisco Security Advisory: Cisco Unified Contact Center Express Directory Traversal Vulnerability (31.10.2011)
 documentCISCO, Cisco Security Advisory: Cisco Unified Communications Manager Directory Traversal Vulnerability (31.10.2011)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород