Source: SECURITYVULNS:DOC:27245 (Oct 31, 2011)

DDIVRT-2011-35 Cisco Unified Contact Center Express Directory Traversal [CVE-2011-3315]

Published: 2011-10-31 00:00:00 (vulners.com)
Tags: cisco uccx, directory traversal, cve-2011-3315, high severity, august 9 2011, digital defense inc, vulnerability research team, cisco patch, remote attacker, console access, ccxcluster user, software update, cisco website

EPSS: 0.851 (percentile 98.6%)

Title

DDIVRT-2011-35 Cisco Unified Contact Center Express Directory Traversal [CVE-2011-3315]

Severity

High

Date Discovered

August 9, 2011

Discovered By

Digital Defense, Inc. Vulnerability Research Team
Credit: r@b13$

Vulnerability Description

The default deployment of a Cisco Unified Contact Center
Express (UCCX) system is configured with multiple listening
services. The web service listening on TCP port 9080 (TCP port
8080 in versions prior to 8.0(x)) serves a directory that is
configured in a way that allows a remote, unauthenticated
attacker to retrieve arbitrary files from the UCCX root
filesystem through a directory traversal attack. An attacker can
use this vector to gain console access to the vulnerable node as
the 'ccxcluster' user and subsequently escalate privileges.
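To make the traversal class concrete, the following Python is an added example; it is not code from the advisory, from Digital Defense or from Cisco, and it does not reproduce the UCCX request path, which the advisory does not disclose. It assumes a hypothetical web root (/var/www/app) and a hypothetical /app/ served directory, and the access-log lines are constructed. It shows the naive path join that produces this class of bug next to a hardened resolver that percent-decodes (including double encoding), normalises and refuses any result outside the web root, then reuses that resolver to flag traversal attempts in the constructed log lines, which is the check a defender would run against the logs of the TCP 9080 / 8080 listener while the Cisco update is pending.

```python
"""Directory-traversal illustration (added example, not vendor or advisory code).

Hypothetical paths throughout: WEB_ROOT and the /app/ prefix are assumptions,
and SAMPLE_LOG is constructed for this example.
"""
import posixpath
import re
import urllib.parse

WEB_ROOT = "/var/www/app"  # hypothetical served directory


def naive_resolve(web_root, request_path):
    """Vulnerable pattern: glue the request onto the served directory and only
    collapse '..' lexically. Nothing checks where the result ends up, so
    '/../../../etc/passwd' resolves to a file far outside web_root."""
    return posixpath.normpath(web_root + "/" + request_path.lstrip("/"))


def decode_fully(raw, rounds=3):
    """Percent-decode repeatedly so double-encoded sequences
    (%252e%252e -> %2e%2e -> ..) are normalised before any traversal check."""
    current = raw
    for _ in range(rounds):
        decoded = urllib.parse.unquote(current)
        if decoded == current:
            break
        current = decoded
    return current


def safe_resolve(web_root, request_path):
    """Hardened form: strip the query string, decode, unify separators,
    normalise, then require the result to be web_root itself or a path
    strictly below it (the trailing '/' defeats /var/www/app2 prefix tricks).
    Returns None for anything that escapes. posixpath is used so the example
    runs offline; a real handler would also apply os.path.realpath to
    resolve symlinks before the containment check."""
    path = decode_fully(request_path.split("?", 1)[0]).replace("\\", "/")
    root = posixpath.normpath(web_root)
    candidate = posixpath.normpath(posixpath.join(root, path.lstrip("/")))
    if candidate != root and not candidate.startswith(root + "/"):
        return None
    return candidate


# Common-log-format line: source, timestamp, request line, status, size.
LOG_LINE_RE = re.compile(
    r'^(?P<src>\S+) - - \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) (?P<proto>\S+)" '
    r'(?P<status>\d{3}) (?P<size>\S+)$'
)

# Constructed access-log excerpt (RFC 5737 test addresses, hypothetical paths).
SAMPLE_LOG = """\
203.0.113.7 - - [09/Aug/2011:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 1024
203.0.113.7 - - [09/Aug/2011:10:00:02 +0000] "GET /app/../../../etc/passwd HTTP/1.1" 200 1738
203.0.113.7 - - [09/Aug/2011:10:00:03 +0000] "GET /app/%2e%2e/%2e%2e/%2e%2e/etc/shadow HTTP/1.1" 403 0
198.51.100.5 - - [09/Aug/2011:10:00:04 +0000] "GET /app/..%252f..%252fetc/hosts HTTP/1.1" 200 220
"""


def find_traversal_attempts(log_text, web_root=WEB_ROOT):
    """Parse access-log lines and flag every request whose canonical path
    escapes web_root, regardless of status code (a 403 is still an attempt).
    Returns (source, decoded_request_path, status) tuples."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_LINE_RE.match(line)
        if not m:
            continue
        if safe_resolve(web_root, m.group("path")) is None:
            hits.append((m.group("src"),
                         decode_fully(m.group("path")),
                         int(m.group("status"))))
    return hits


if __name__ == "__main__":
    print("naive :", naive_resolve(WEB_ROOT, "/../../../etc/passwd"))
    print("safe  :", safe_resolve(WEB_ROOT, "/../../../etc/passwd"))
    for src, path, status in find_traversal_attempts(SAMPLE_LOG):
        print(f"traversal attempt from {src}: {path} (HTTP {status})")
```

The containment check is the part that matters: lexical normalisation alone (the naive function) is exactly what lets a request walk out of the served directory, and decoding before normalising is what stops encoded and double-encoded dot-dot sequences from slipping past a string match on "../".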

Solution Description

Cisco has released a patch for this vulnerability. Information
regarding the software update which addresses this issue is available at:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccx

Tested Systems / Software

Cisco Unified Contact Center Express (UCCX) versions: 8.5(x), 8.0(x), 7.0(x), 6.0(x)
Cisco Unified IP Interactive Voice Response (Unified IP-IVR) versions: 8.5(x), 8.0(x), 7.0(x), 6.0(x)

Vendor Contact

Vendor Name: Cisco
Vendor Website: http://www.cisco.com/
