HIGH✓ PATCH🇬🇧 English

CVE-2013-1223

CVSS 7.8v2.0pub. 2013-05-09upd. 2026-04-29

The log viewer in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly validate an unspecified parameter, which allows remote attackers to read arbitrary files via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38372.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:C/I:N/A:N
  • Cisco Unified Customer Voice Portal

    APP
    Cisco
    3.03.6\(10\)4.04.0\(2\)4.17.07.0\(2\)8.0\(1\)8.5\(1\)9.0≤ 9.0\(1\)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2020-3402HIGH7.5ten sam produkt

A vulnerability in the Java Remote Method Invocation (RMI) interface of Cisco Unified Customer Voice Portal (C...

CVE-2018-0139HIGH8.6ten sam produkt

A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Unified Cust...

CVE-2018-0086HIGH8.6ten sam produkt

A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unau...

CVE-2017-12214HIGH8.8ten sam produkt

A vulnerability in the Operations, Administration, Maintenance, and Provisioning (OAMP) credential reset funct...

CVE-2013-1221HIGH10.0ten sam produkt

The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 doe...

CVE-2013-1223 — HIGH 7.8 | CVEbaza.pl