CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-3426

The Serviceability servlet on Cisco 9900 IP phones does not properly restrict paths, which allows remote attackers to read arbitrary files by specifying a pathname in a file request, aka Bug ID CSCuh52810.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.3%

CVSS Severity

CVSS v2 Score 5.0

References

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3426
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3426

Products affected by CVE-2013-3426

Cisco » Unified Ip Phone 9951 » Version: N/A

cpe:2.3:h:cisco:unified_ip_phone_9951:-
Cisco » Unified Ip Phone 9971 » Version: N/A

cpe:2.3:h:cisco:unified_ip_phone_9971:-
Cisco » Unified Ip Phones 9900 Series Firmware » Version: N/A

cpe:2.3:o:cisco:unified_ip_phones_9900_series_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-3426

Products

Pricing

Contact Us