Lucene search

CiscoCVE-2013-1223

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-1223

2022-10-0316:14:47

CWE-20

cisco

web.nvd.nist.gov

cisco

unified customer voice portal

cvp software

cve-2013-1223

security vulnerability

remote attack

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.002

Percentile

55.9%

JSON

The log viewer in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly validate an unspecified parameter, which allows remote attackers to read arbitrary files via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38372.

Affected configurations

Nvd

Node

ciscounified_customer_voice_portalRange≤9.0\(1\)

ciscounified_customer_voice_portalMatch3.0sr1

ciscounified_customer_voice_portalMatch3.0sr2

ciscounified_customer_voice_portalMatch3.6\(10\)es01

ciscounified_customer_voice_portalMatch4.0

ciscounified_customer_voice_portalMatch4.0\(2\)

ciscounified_customer_voice_portalMatch4.0\(2\)sr1

ciscounified_customer_voice_portalMatch4.1

ciscounified_customer_voice_portalMatch7.0

ciscounified_customer_voice_portalMatch7.0\(2\)

ciscounified_customer_voice_portalMatch8.0\(1\)

ciscounified_customer_voice_portalMatch8.5\(1\)

ciscounified_customer_voice_portalMatch9.0

VendorProductVersionCPE
ciscounified_customer_voice_portal3.0cpe:/a:cisco:unified_customer_voice_portal:3.0:sr1::
ciscounified_customer_voice_portal7.0cpe:/a:cisco:unified_customer_voice_portal:7.0:::
ciscounified_customer_voice_portal8.0%281%29cpe:/a:cisco:unified_customer_voice_portal:8.0%281%29:::
ciscounified_customer_voice_portal9.0cpe:/a:cisco:unified_customer_voice_portal:9.0:::
ciscounified_customer_voice_portal4.0%282%29cpe:/a:cisco:unified_customer_voice_portal:4.0%282%29:sr1::
ciscounified_customer_voice_portal4.1cpe:/a:cisco:unified_customer_voice_portal:4.1:::
ciscounified_customer_voice_portal3.6%2810%29cpe:/a:cisco:unified_customer_voice_portal:3.6%2810%29:es01::
ciscounified_customer_voice_portal8.5%281%29cpe:/a:cisco:unified_customer_voice_portal:8.5%281%29:::
ciscounified_customer_voice_portal3.0cpe:/a:cisco:unified_customer_voice_portal:3.0:sr2::
ciscounified_customer_voice_portal4.0cpe:/a:cisco:unified_customer_voice_portal:4.0:::

Vendor	Product	Version	CPE
cisco	unified_customer_voice_portal	3.0	cpe:/a:cisco:unified_customer_voice_portal:3.0:sr1::
cisco	unified_customer_voice_portal	7.0	cpe:/a:cisco:unified_customer_voice_portal:7.0:::
cisco	unified_customer_voice_portal	8.0%281%29	cpe:/a:cisco:unified_customer_voice_portal:8.0%281%29:::
cisco	unified_customer_voice_portal	9.0	cpe:/a:cisco:unified_customer_voice_portal:9.0:::
cisco	unified_customer_voice_portal	4.0%282%29	cpe:/a:cisco:unified_customer_voice_portal:4.0%282%29:sr1::
cisco	unified_customer_voice_portal	4.1	cpe:/a:cisco:unified_customer_voice_portal:4.1:::
cisco	unified_customer_voice_portal	3.6%2810%29	cpe:/a:cisco:unified_customer_voice_portal:3.6%2810%29:es01::
cisco	unified_customer_voice_portal	8.5%281%29	cpe:/a:cisco:unified_customer_voice_portal:8.5%281%29:::
cisco	unified_customer_voice_portal	3.0	cpe:/a:cisco:unified_customer_voice_portal:3.0:sr2::
cisco	unified_customer_voice_portal	4.0	cpe:/a:cisco:unified_customer_voice_portal:4.0:::

Rows per page:

1-10 of 131

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130508-cvp

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.002

Percentile

55.9%

JSON

Related for CVE-2013-1223