CVE-2011-3315

Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049.

Severity	HIGH
CVSS	7.8
CWE	CWE-22
KEV
Published	14 years ago
Modified	2 weeks ago

Related Products

Product	Advisory
Cisco RV Series Routers	cisco-sa-20111026-uccx
Cisco Nexus Dashboard	cisco-sa-20111026-uccx
Cisco Catalyst PON Series Switches	cisco-sa-20111026-uccx
Cisco Application Centric Infrastructure Virtual Edge	cisco-sa-20111026-uccx
Cisco RV Series Routers	cisco-sa-20111026-cucm
Cisco Nexus Dashboard	cisco-sa-20111026-cucm
Cisco Catalyst PON Series Switches	cisco-sa-20111026-cucm
Cisco Application Centric Infrastructure Virtual Edge	cisco-sa-20111026-cucm
Cisco Unified IP Interactive Voice Response	cisco-sa-20111026-uccx
Cisco Unified Contact Center Express	cisco-sa-20111026-uccx
Cisco Unified Contact Center	cisco-sa-20111026-uccx
Cisco Unified Communications Manager	cisco-sa-20111026-uccx
Cisco Unified IP Interactive Voice Response	cisco-sa-20111026-cucm
Cisco Unified Contact Center Express	cisco-sa-20111026-cucm
Cisco Unified Contact Center	cisco-sa-20111026-cucm
Cisco Unified Communications Manager	cisco-sa-20111026-cucm