The log viewer in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly validate an unspecified parameter, which allows remote attackers to read arbitrary files via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38372.
oryginał ENAV:N/AC:L/Au:N/C:C/I:N/A:NCisco Unified Customer Voice Portal
APPCisco3.03.6\(10\)4.04.0\(2\)4.17.07.0\(2\)8.0\(1\)8.5\(1\)9.0≤ 9.0\(1\)
Powiązane podatności
A vulnerability in the Java Remote Method Invocation (RMI) interface of Cisco Unified Customer Voice Portal (C...
A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Unified Cust...
A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unau...
A vulnerability in the Operations, Administration, Maintenance, and Provisioning (OAMP) credential reset funct...
The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 doe...