2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2009-2047" ,
"sourceIdentifier" : "ykramarz@cisco.com" ,
"published" : "2009-07-16T15:30:00.750" ,
"lastModified" : "2017-08-17T01:30:38.273" ,
"vulnStatus" : "Modified" ,
"descriptions" : [
{
"lang" : "en" ,
"value" : "Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors."
} ,
{
"lang" : "es" ,
"value" : "Vulnerabilidad de salto de directorio en el interfaz de administraci\u00f3n en Cisco Customer Response Solutions (CRS) anteriores a v7.0(1) SR2 en el servidor Cisco Unified Contact Center Express (tambi\u00e9n conocido como CCX) permite a los usuarios remotos autenticados leer, modificar y borrar ficheros arbitrarios a trav\u00e9s de vectores no especificados."
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:S/C:C/I:C/A:C" ,
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "SINGLE" ,
"confidentialityImpact" : "COMPLETE" ,
"integrityImpact" : "COMPLETE" ,
"availabilityImpact" : "COMPLETE" ,
"baseScore" : 9.0
} ,
"baseSeverity" : "HIGH" ,
"exploitabilityScore" : 8.0 ,
"impactScore" : 10.0 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : true ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-22"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:crs:3.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4C6F8BA2-EA5E-4E90-8390-2D29E8FAB4AC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:crs:4.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E010B8C0-06BF-42C9-8AE6-8A0A6696EC9A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:crs:4.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "98203DF7-2B21-4D7F-B32C-E9E6C24E1A9D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:crs:4.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "629B1A0E-A13F-4209-B070-960392893299"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:crs:5.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "13E6B9D0-5F88-4F48-A313-D478FB9919FC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:crs:6.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2F979F18-29A6-433C-91A4-0042EC275CF9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:crs:7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8F6008EC-FB15-43B3-8B09-3BFB28536EC0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:customer_response_applications:3.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B5DC9FD7-0716-456C-895F-74BC7866C520"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:ip_qm:3.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8BC0CC96-C3DD-4564-8323-3EAB9ACBFF45"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ccx:3.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AD62E8B9-9715-4217-864F-C54F1DEE835F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ccx:4.0\\(1\\):*:*:*:*:*:*:*" ,
"matchCriteriaId" : "32F36940-BF16-4C7C-A24C-D923AF333709"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ccx:4.0\\(3\\):*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F2BE86CE-EF95-4841-B145-DFA4D0E0EF4B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ccx:4.0\\(4\\):*:*:*:*:*:*:*" ,
"matchCriteriaId" : "369C0FF7-BC46-400E-AC61-F97BAFDE14FD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ccx:4.0\\(5\\):*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6883E046-DA9D-4402-A22B-31140D6C8054"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ccx:4.0\\(5a\\):*:*:*:*:*:*:*" ,
"matchCriteriaId" : "ED3C91A3-E343-4FAC-85D7-649C7ECE6E64"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ccx:4.5\\(1\\):*:*:*:*:*:*:*" ,
"matchCriteriaId" : "51E21F75-530E-4399-B8EC-1E933711D6E7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ccx:4.5\\(2\\):*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6273D50B-8D2B-4F5A-B4F3-2CC86F5B730F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ccx:5.0\\(1\\):*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AB3F5DF8-E9A7-4812-8677-BDCE4679ED9E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ccx:6.0\\(1\\):*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DBAF3470-5AF5-4B26-AA92-A92E908A52E4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ccx:7.0\\(1\\):*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A8CDC6A2-319F-4C83-8042-BEF6C9FD1C2B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ip_contact_center_express:3.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BA09955E-62F4-4098-8FFF-C61D33EB8AB6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ip_contact_center_express:5.0\\(1\\):*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EBA8057F-7E31-4F9D-992E-621DCD7C4089"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ip_contact_center_express:6.0\\(1\\):*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1568EE5B-716D-439B-9017-8498C9353B4F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ip_contact_center_express:7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BCFA9981-ED56-4D5B-AF82-1BCC551FE02A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ip_ivr:3.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "71082BE9-AF48-460A-9127-4D5D6DBA02F9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ip_ivr:3.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CDFDB400-1557-4A6D-A40F-00271A666A0E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ip_ivr:4.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E744A286-EA75-4E20-8503-12217FE0F03E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ip_ivr:4.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D4B5083B-0782-4668-B88A-A6DB65A4AFCA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ip_ivr:4.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F3782F66-76E2-4912-AA16-CB552A8C4ED5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ip_ivr:5.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A26B5F10-147A-4C32-BE98-F24407E4973F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ip_ivr:6.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C1E4FAEE-BE07-45D8-A7F4-92668CA9BF8D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ip_ivr:7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "73CA4024-4F80-466A-9383-9A68E2FAC995"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:unified_ip_ivr:7.0\\(1\\):*:*:*:*:*:*:*" ,
"matchCriteriaId" : "53C79246-3D29-4A8E-94DD-8771964B7E4F"
}
]
}
]
}
] ,
"references" : [
2024-04-04 08:46:00 +00:00
{
"url" : "http://osvdb.org/55936" ,
"source" : "ykramarz@cisco.com"
} ,
{
"url" : "http://secunia.com/advisories/35861" ,
"source" : "ykramarz@cisco.com"
} ,
2023-04-24 12:24:31 +02:00
{
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml" ,
"source" : "ykramarz@cisco.com" ,
"tags" : [
"Patch" ,
"Vendor Advisory"
]
} ,
{
"url" : "http://www.securityfocus.com/bid/35706" ,
"source" : "ykramarz@cisco.com" ,
"tags" : [
"Patch"
]
} ,
{
"url" : "http://www.securitytracker.com/id?1022569" ,
"source" : "ykramarz@cisco.com"
} ,
{
"url" : "http://www.vupen.com/english/advisories/2009/1913" ,
"source" : "ykramarz@cisco.com"
} ,
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731" ,
"source" : "ykramarz@cisco.com"
}
]
}
