CVE-2009-2047
 
Severity Score
9.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors.
Vulnerabilidad de salto de directorio en el interfaz de administración en Cisco Customer Response Solutions (CRS) anteriores a v7.0(1) SR2 en el servidor Cisco Unified Contact Center Express (también conocido como CCX) permite a los usuarios remotos autenticados leer, modificar y borrar ficheros arbitrarios a través de vectores no especificados.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2009-06-12 CVE Reserved
- 2009-07-16 CVE Published
- 2023-09-03 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (7)
URL | Tag | Source |
---|---|---|
http://osvdb.org/55936 | Vdb Entry | |
http://secunia.com/advisories/35861 | Third Party Advisory | |
http://www.securitytracker.com/id?1022569 | Vdb Entry | |
http://www.vupen.com/english/advisories/2009/1913 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/51731 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml | 2017-08-17 | |
http://www.securityfocus.com/bid/35706 | 2017-08-17 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cisco Search vendor "Cisco" | Crs Search vendor "Cisco" for product "Crs" | 3.5 Search vendor "Cisco" for product "Crs" and version "3.5" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Crs Search vendor "Cisco" for product "Crs" | 4.0 Search vendor "Cisco" for product "Crs" and version "4.0" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Crs Search vendor "Cisco" for product "Crs" | 4.1 Search vendor "Cisco" for product "Crs" and version "4.1" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Crs Search vendor "Cisco" for product "Crs" | 4.5 Search vendor "Cisco" for product "Crs" and version "4.5" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Crs Search vendor "Cisco" for product "Crs" | 5.0 Search vendor "Cisco" for product "Crs" and version "5.0" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Crs Search vendor "Cisco" for product "Crs" | 6.0 Search vendor "Cisco" for product "Crs" and version "6.0" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Crs Search vendor "Cisco" for product "Crs" | 7.0 Search vendor "Cisco" for product "Crs" and version "7.0" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Customer Response Applications Search vendor "Cisco" for product "Customer Response Applications" | 3.5 Search vendor "Cisco" for product "Customer Response Applications" and version "3.5" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ip Qm Search vendor "Cisco" for product "Ip Qm" | 3.5 Search vendor "Cisco" for product "Ip Qm" and version "3.5" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ccx Search vendor "Cisco" for product "Unified Ccx" | 3.5 Search vendor "Cisco" for product "Unified Ccx" and version "3.5" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ccx Search vendor "Cisco" for product "Unified Ccx" | 4.0\(1\) Search vendor "Cisco" for product "Unified Ccx" and version "4.0\(1\)" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ccx Search vendor "Cisco" for product "Unified Ccx" | 4.0\(3\) Search vendor "Cisco" for product "Unified Ccx" and version "4.0\(3\)" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ccx Search vendor "Cisco" for product "Unified Ccx" | 4.0\(4\) Search vendor "Cisco" for product "Unified Ccx" and version "4.0\(4\)" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ccx Search vendor "Cisco" for product "Unified Ccx" | 4.0\(5\) Search vendor "Cisco" for product "Unified Ccx" and version "4.0\(5\)" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ccx Search vendor "Cisco" for product "Unified Ccx" | 4.0\(5a\) Search vendor "Cisco" for product "Unified Ccx" and version "4.0\(5a\)" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ccx Search vendor "Cisco" for product "Unified Ccx" | 4.5\(1\) Search vendor "Cisco" for product "Unified Ccx" and version "4.5\(1\)" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ccx Search vendor "Cisco" for product "Unified Ccx" | 4.5\(2\) Search vendor "Cisco" for product "Unified Ccx" and version "4.5\(2\)" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ccx Search vendor "Cisco" for product "Unified Ccx" | 5.0\(1\) Search vendor "Cisco" for product "Unified Ccx" and version "5.0\(1\)" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ccx Search vendor "Cisco" for product "Unified Ccx" | 6.0\(1\) Search vendor "Cisco" for product "Unified Ccx" and version "6.0\(1\)" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ccx Search vendor "Cisco" for product "Unified Ccx" | 7.0\(1\) Search vendor "Cisco" for product "Unified Ccx" and version "7.0\(1\)" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ip Contact Center Express Search vendor "Cisco" for product "Unified Ip Contact Center Express" | 3.0 Search vendor "Cisco" for product "Unified Ip Contact Center Express" and version "3.0" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ip Contact Center Express Search vendor "Cisco" for product "Unified Ip Contact Center Express" | 5.0\(1\) Search vendor "Cisco" for product "Unified Ip Contact Center Express" and version "5.0\(1\)" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ip Contact Center Express Search vendor "Cisco" for product "Unified Ip Contact Center Express" | 6.0\(1\) Search vendor "Cisco" for product "Unified Ip Contact Center Express" and version "6.0\(1\)" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ip Contact Center Express Search vendor "Cisco" for product "Unified Ip Contact Center Express" | 7.0 Search vendor "Cisco" for product "Unified Ip Contact Center Express" and version "7.0" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ip Ivr Search vendor "Cisco" for product "Unified Ip Ivr" | 3.0 Search vendor "Cisco" for product "Unified Ip Ivr" and version "3.0" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ip Ivr Search vendor "Cisco" for product "Unified Ip Ivr" | 3.1 Search vendor "Cisco" for product "Unified Ip Ivr" and version "3.1" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ip Ivr Search vendor "Cisco" for product "Unified Ip Ivr" | 4.0 Search vendor "Cisco" for product "Unified Ip Ivr" and version "4.0" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ip Ivr Search vendor "Cisco" for product "Unified Ip Ivr" | 4.1 Search vendor "Cisco" for product "Unified Ip Ivr" and version "4.1" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ip Ivr Search vendor "Cisco" for product "Unified Ip Ivr" | 4.5 Search vendor "Cisco" for product "Unified Ip Ivr" and version "4.5" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ip Ivr Search vendor "Cisco" for product "Unified Ip Ivr" | 5.0 Search vendor "Cisco" for product "Unified Ip Ivr" and version "5.0" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ip Ivr Search vendor "Cisco" for product "Unified Ip Ivr" | 6.0 Search vendor "Cisco" for product "Unified Ip Ivr" and version "6.0" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ip Ivr Search vendor "Cisco" for product "Unified Ip Ivr" | 7.0 Search vendor "Cisco" for product "Unified Ip Ivr" and version "7.0" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Ip Ivr Search vendor "Cisco" for product "Unified Ip Ivr" | 7.0\(1\) Search vendor "Cisco" for product "Unified Ip Ivr" and version "7.0\(1\)" | - |
Affected
|