Description
Directory traversal vulnerability in Cisco Internet Streamer, as used in Cisco Content Delivery System (CDS) 2.2.x, 2.3.x, 2.4.x, and 2.5.x before 2.5.7 allows remote attackers to read arbitrary files via a crafted URL.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/60567
Patch, Vendor Advisory vendor-advisory
x_refsource_cisco
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3bd1c.shtml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1024234
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/66508
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/40701
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1881
Scores
EPSS
0.0337
EPSS Percentile
87.3%
Details
CWE
CWE-22
Status
published
Products (12)
cisco/content_delivery_system
cisco/internet_streamer
2.2\(1\)
cisco/internet_streamer
2.3\(1\)
cisco/internet_streamer
2.3\(3\)
cisco/internet_streamer
2.3\(5\)
cisco/internet_streamer
2.3\(7\)
cisco/internet_streamer
2.3\(9\)
cisco/internet_streamer
2.4\(1\)
cisco/internet_streamer
2.4\(3\)
cisco/internet_streamer
2.4\(5\)
... and 2 more
Published
Jul 28, 2010
Tracked Since
Feb 18, 2026