6.3
CVE-2013-6688
- EPSS 0.39%
- Published 18.11.2013 03:55:06
- Last modified 11.04.2025 00:51:21
- Source psirt@cisco.com
- Teams watchlist Login
- Open Login
Directory traversal vulnerability in the license-upload interface in the Enterprise License Manager (ELM) component in Cisco Unified Communications Manager 9.1(1) and earlier allows remote authenticated users to create arbitrary files via a crafted path, aka Bug ID CSCui58222.
Data is provided by the National Vulnerability Database (NVD)
Cisco ≫ Unified Communications Manager Version <= 9.1\(1\)
Cisco ≫ Unified Communications Manager Version4.2
Cisco ≫ Unified Communications Manager Version4.2.1
Cisco ≫ Unified Communications Manager Version4.2.2
Cisco ≫ Unified Communications Manager Version4.2.3
Cisco ≫ Unified Communications Manager Version4.2.3sr1
Cisco ≫ Unified Communications Manager Version4.2.3sr2
Cisco ≫ Unified Communications Manager Version4.2.3sr2b
Cisco ≫ Unified Communications Manager Version4.3
Cisco ≫ Unified Communications Manager Version5.0
Cisco ≫ Unified Communications Manager Version5.1
Cisco ≫ Unified Communications Manager Version5.1.2
Cisco ≫ Unified Communications Manager Version6.0
Cisco ≫ Unified Communications Manager Version8.0
Cisco ≫ Unified Communications Manager Version8.5
Cisco ≫ Unified Communications Manager Version8.6
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.39% | 0.59 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.3 | 6.8 | 6.9 |
AV:N/AC:M/Au:S/C:N/I:C/A:N
|
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.