CVE-2013-1221

The Tomcat Web Management feature in Cisco Unified Customer Voice Portal CVP Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute arbitrary code via a crafted 1 HTTP or 2 HTTPS request, aka Bug ID CSCub38384...

Cross site request forgery (csrf)

The Tomcat Web Management feature in Cisco Unified Customer Voice Portal CVP Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute arbitrary code via a crafted 1 HTTP or 2 HTTPS request, aka Bug ID CSCub38384...

CVE-2013-1224

CVE-2013-1224 affects Cisco Unified CVP (Resource Manager) prior to 9.0.1 ES 11. A directory traversal flaw allows remote attackers to overwrite arbitrary files by sending crafted HTTP or HTTPS requests that bypass parameter validation (Bug CSCub38369). The issue is tied to the Resource Manager c...

CVE-2013-1221

The Tomcat Web Management feature in Cisco Unified Customer Voice Portal CVP Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute arbitrary code via a crafted 1 HTTP or 2 HTTPS request, aka Bug ID CSCub38384...

CVE-2013-1223

The CVE-2013-1223 issue affects Cisco Unified CVP Software prior to 9.0.1 ES 11, where the log viewer does not properly validate an unspecified parameter, enabling remote attackers to read arbitrary files via a crafted HTTP or HTTPS request. The vulnerability arises from improper input validation...