Vulnerability Details CVE-2010-1571
Directory traversal vulnerability in the bootstrap service in Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2), unspecified 6.0 versions, and 5.0 before 5.0(2)SR3 allows remote attackers to read arbitrary files via a crafted bootstrap message to TCP port 6295.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 62.7%
CVSS Severity
CVSS v2 Score 7.8
References
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2f110.shtml
- http://www.securityfocus.com/bid/40680
- http://www.securitytracker.com/id?1024082
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59277
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2f110.shtml
- http://www.securityfocus.com/bid/40680
- http://www.securitytracker.com/id?1024082
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59277
Products affected by CVE-2010-1571
-
cpe:2.3:a:cisco:customer_response_solution:5.0
-
cpe:2.3:a:cisco:customer_response_solution:6.0
-
cpe:2.3:a:cisco:customer_response_solution:7.0
-
cpe:2.3:a:cisco:unified_contact_center_express:5.0
-
cpe:2.3:a:cisco:unified_contact_center_express:6.0
-
cpe:2.3:a:cisco:unified_contact_center_express:7.0
-
cpe:2.3:a:cisco:unified_ip_interactive_voice_response:5.0
-
cpe:2.3:a:cisco:unified_ip_interactive_voice_response:6.0
-
cpe:2.3:a:cisco:unified_ip_interactive_voice_response:7.0