Executive Summary
Summary | |
---|---|
Title | Multiple Vulnerabilities in Cisco Unified Customer Voice Portal Software |
Informations | |||
---|---|---|---|
Name | cisco-sa-20130508-cvp | First vendor Publication | 2013-05-08 |
Vendor | Cisco | Last vendor Modification | 2013-05-08 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Cisco Unified Customer Voice Portal Software (Unified CVP) contains multiple vulnerabilities. Various components of Cisco Unified CVP are affected; see the "Details" section for more information on the vulnerabilities. These vulnerabilities can be exploited independently; however, more than one vulnerability could be exploited on the same device. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate some of these vulnerabilities are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130508-cvp BEGIN PGP SIGNATURE Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAlGIWaUACgkQUddfH3/BbTpQMQD9HWwMuwQ7YSyrqYDSDkcnesWh XsvSL0PXA8lMaS+bSKMBAI/ChGvff6/MJuP6KqAAfHUkVQe8qyxsJGyk0lluGNtQ =HN7d END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
40 % | CWE-16 | Configuration |
20 % | CWE-264 | Permissions, Privileges, and Access Controls |
20 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
20 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
Alert History
Date | Informations |
---|---|
2013-05-09 17:20:37 |
|
2013-05-08 21:18:36 |
|