CVE-2011-1607
Cisco Unified Communications Manager <6.1.5su3-8.5.1 - Path Traversal
Title source: llmDescription
Directory traversal vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5b)su3, 8.0 before 8.0(3a)su1, and 8.5 before 8.5(1) allows remote authenticated users to upload files to arbitrary directories via a modified pathname in an upload request, aka Bug ID CSCti81603.
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/67127
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/1122
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/44331
Third Party Advisory mailing-list
x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0051.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1025449
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/47608
Vendor Advisory vendor-advisory
x_refsource_cisco
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b79904.shtml
Scores
EPSS
0.0226
EPSS Percentile
80.9%
Details
CWE
CWE-22
Status
published
Products (45)
cisco/unified_communications_manager
6.0
cisco/unified_communications_manager
6.1\(1\)
cisco/unified_communications_manager
6.1\(1a\)
cisco/unified_communications_manager
6.1\(1b\)
cisco/unified_communications_manager
6.1\(2\)
cisco/unified_communications_manager
6.1\(2\)su1
cisco/unified_communications_manager
6.1\(2\)su1a
cisco/unified_communications_manager
6.1\(3\)
cisco/unified_communications_manager
6.1\(3a\)
cisco/unified_communications_manager
6.1\(3b\)
... and 35 more
Published
May 03, 2011
Tracked Since
Feb 18, 2026