CVE-2009-2047: Path Traversal
First published: Thu Jul 16 2009(Updated: )
Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unified Ccx | =7.0\(1\) | |
| Cisco Unified Ip Ivr | =4.1 | |
| Cisco Crs | =4.1 | |
| Cisco Unified Ccx | =4.0\(1\) | |
| Cisco Unified Ip Contact Center Express | =3.0 | |
| Cisco Crs | =4.5 | |
| Cisco Unified Ip Ivr | =6.0 | |
| Cisco Unified Ip Contact Center Express | =5.0\(1\) | |
| Cisco Unified Ccx | =4.0\(4\) | |
| Cisco Unified Ip Ivr | =4.5 | |
| Cisco Crs | =6.0 | |
| Cisco Unified Ip Ivr | =7.0\(1\) | |
| Cisco Unified Ccx | =4.0\(5\) | |
| Cisco Crs | =4.0 | |
| Cisco Unified Ccx | =5.0\(1\) | |
| Cisco Customer Response Applications | =3.5 | |
| Cisco Unified Ccx | =4.5\(1\) | |
| Cisco Unified Ip Contact Center Express | =7.0 | |
| Cisco Unified Ccx | =4.0\(3\) | |
| Cisco Unified Ccx | =3.5 | |
| Cisco Crs | =7.0 | |
| Cisco Unified Ccx | =4.0\(5a\) | |
| Cisco Unified Ip Ivr | =3.0 | |
| Cisco Ip Qm | =3.5 | |
| Cisco Unified Ip Ivr | =3.1 | |
| Cisco Unified Ccx | =6.0\(1\) | |
| Cisco Crs | =5.0 | |
| Cisco Unified Ccx | =4.5\(2\) | |
| Cisco Unified Ip Ivr | =5.0 | |
| Cisco Crs | =3.5 | |
| Cisco Unified Ip Contact Center Express | =6.0\(1\) | |
| Cisco Unified Ip Ivr | =7.0 | |
| Cisco Unified Ip Ivr | =4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml
- http://www.securityfocus.com/bid/35706
- http://www.securitytracker.com/id?1022569
- http://www.vupen.com/english/advisories/2009/1913
- http://secunia.com/advisories/35861
- http://osvdb.org/55936
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51731
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/tags
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- vendor/cisco
- canonical/cisco unified ccx
- version/cisco unified ccx/7.0\(1\)
- canonical/cisco unified ip ivr
- version/cisco unified ip ivr/4.1
- canonical/cisco crs
- version/cisco crs/4.1
- version/cisco unified ccx/4.0\(1\)
- canonical/cisco unified ip contact center express
- version/cisco unified ip contact center express/3.0
- version/cisco crs/4.5
- version/cisco unified ip ivr/6.0
- version/cisco unified ip contact center express/5.0\(1\)
- version/cisco unified ccx/4.0\(4\)
- version/cisco unified ip ivr/4.5
- version/cisco crs/6.0
- version/cisco unified ip ivr/7.0\(1\)
- version/cisco unified ccx/4.0\(5\)
- version/cisco crs/4.0
- version/cisco unified ccx/5.0\(1\)
- canonical/cisco customer response applications
- version/cisco customer response applications/3.5
- version/cisco unified ccx/4.5\(1\)
- version/cisco unified ip contact center express/7.0
- version/cisco unified ccx/4.0\(3\)
- version/cisco unified ccx/3.5
- version/cisco crs/7.0
- version/cisco unified ccx/4.0\(5a\)
- version/cisco unified ip ivr/3.0
- canonical/cisco ip qm
- version/cisco ip qm/3.5
- version/cisco unified ip ivr/3.1
- version/cisco unified ccx/6.0\(1\)
- version/cisco crs/5.0
- version/cisco unified ccx/4.5\(2\)
- version/cisco unified ip ivr/5.0
- version/cisco crs/3.5
- version/cisco unified ip contact center express/6.0\(1\)
- version/cisco unified ip ivr/7.0
- version/cisco unified ip ivr/4.0