Lucene search

[email protected]NVD:CVE-2013-5534

HistoryOct 19, 2013 - 10:36 a.m.

CVE-2013-5534

2013-10-1910:36:08

CWE-22

[email protected]

web.nvd.nist.gov

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.9%

JSON

Directory traversal vulnerability in the attachment service in the Voice Message Web Service (aka VMWS or Cisco Unity Web Service) in Cisco Unity Connection allows remote authenticated users to create files, and consequently execute arbitrary JSP code, via a crafted pathname for a file that is not a valid audio file, aka Bug ID CSCuj22948.

Affected configurations

NVD

Node

ciscounity_connectionMatch-

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5534

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.9%

JSON

Related for NVD:CVE-2013-5534

cisco1 cvelist1 cve1 prion1