CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-1224

Directory traversal vulnerability in the Resource Manager in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to overwrite arbitrary files via a crafted (1) HTTP or (2) HTTPS request that triggers incorrect parameter validation, aka Bug ID CSCub38369.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.0%

CVSS Severity

CVSS v2 Score 7.8

References

Products affected by CVE-2013-1224

Cisco » Unified Customer Voice Portal » Version: 3.0

cpe:2.3:a:cisco:unified_customer_voice_portal:3.0
Cisco » Unified Customer Voice Portal » Version: 3.6(10)

cpe:2.3:a:cisco:unified_customer_voice_portal:3.6(10)
Cisco » Unified Customer Voice Portal » Version: 4.0

cpe:2.3:a:cisco:unified_customer_voice_portal:4.0
Cisco » Unified Customer Voice Portal » Version: 4.0(2)

cpe:2.3:a:cisco:unified_customer_voice_portal:4.0(2)
Cisco » Unified Customer Voice Portal » Version: 4.1

cpe:2.3:a:cisco:unified_customer_voice_portal:4.1
Cisco » Unified Customer Voice Portal » Version: 7.0

cpe:2.3:a:cisco:unified_customer_voice_portal:7.0
Cisco » Unified Customer Voice Portal » Version: 7.0(2)

cpe:2.3:a:cisco:unified_customer_voice_portal:7.0(2)
Cisco » Unified Customer Voice Portal » Version: 8.0(1)

cpe:2.3:a:cisco:unified_customer_voice_portal:8.0(1)
Cisco » Unified Customer Voice Portal » Version: 8.5(1)

cpe:2.3:a:cisco:unified_customer_voice_portal:8.5(1)
Cisco » Unified Customer Voice Portal » Version: 9.0

cpe:2.3:a:cisco:unified_customer_voice_portal:9.0
Cisco » Unified Customer Voice Portal » Version: 9.0(1)

cpe:2.3:a:cisco:unified_customer_voice_portal:9.0(1)

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-1224

Products

Pricing

Contact Us