CVE-2010-1571

2010-06-1000:30:07

CWE-22

[email protected]

web.nvd.nist.gov

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.003

Percentile

69.1%

JSON

Directory traversal vulnerability in the bootstrap service in Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2), unspecified 6.0 versions, and 5.0 before 5.0(2)SR3 allows remote attackers to read arbitrary files via a crafted bootstrap message to TCP port 6295.

Affected configurations

Nvd

Node

ciscounified_contact_center_expressMatch5.0

ciscounified_contact_center_expressMatch6.0

ciscounified_contact_center_expressMatch7.0

Node

ciscocustomer_response_solutionMatch5.0

ciscocustomer_response_solutionMatch6.0

ciscocustomer_response_solutionMatch7.0

Node

ciscounified_ip_interactive_voice_responseMatch5.0

ciscounified_ip_interactive_voice_responseMatch6.0

ciscounified_ip_interactive_voice_responseMatch7.0

VendorProductVersionCPE
ciscounified_contact_center_express5.0cpe:2.3:a:cisco:unified_contact_center_express:5.0:*:*:*:*:*:*:*
ciscounified_contact_center_express6.0cpe:2.3:a:cisco:unified_contact_center_express:6.0:*:*:*:*:*:*:*
ciscounified_contact_center_express7.0cpe:2.3:a:cisco:unified_contact_center_express:7.0:*:*:*:*:*:*:*
ciscocustomer_response_solution5.0cpe:2.3:a:cisco:customer_response_solution:5.0:*:*:*:*:*:*:*
ciscocustomer_response_solution6.0cpe:2.3:a:cisco:customer_response_solution:6.0:*:*:*:*:*:*:*
ciscocustomer_response_solution7.0cpe:2.3:a:cisco:customer_response_solution:7.0:*:*:*:*:*:*:*
ciscounified_ip_interactive_voice_response5.0cpe:2.3:a:cisco:unified_ip_interactive_voice_response:5.0:*:*:*:*:*:*:*
ciscounified_ip_interactive_voice_response6.0cpe:2.3:a:cisco:unified_ip_interactive_voice_response:6.0:*:*:*:*:*:*:*
ciscounified_ip_interactive_voice_response7.0cpe:2.3:a:cisco:unified_ip_interactive_voice_response:7.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unified_contact_center_express	5.0	cpe:2.3:a:cisco:unified_contact_center_express:5.0:::::::*
cisco	unified_contact_center_express	6.0	cpe:2.3:a:cisco:unified_contact_center_express:6.0:::::::*
cisco	unified_contact_center_express	7.0	cpe:2.3:a:cisco:unified_contact_center_express:7.0:::::::*
cisco	customer_response_solution	5.0	cpe:2.3:a:cisco:customer_response_solution:5.0:::::::*
cisco	customer_response_solution	6.0	cpe:2.3:a:cisco:customer_response_solution:6.0:::::::*
cisco	customer_response_solution	7.0	cpe:2.3:a:cisco:customer_response_solution:7.0:::::::*
cisco	unified_ip_interactive_voice_response	5.0	cpe:2.3:a:cisco:unified_ip_interactive_voice_response:5.0:::::::*
cisco	unified_ip_interactive_voice_response	6.0	cpe:2.3:a:cisco:unified_ip_interactive_voice_response:6.0:::::::*
cisco	unified_ip_interactive_voice_response	7.0	cpe:2.3:a:cisco:unified_ip_interactive_voice_response:7.0:::::::*