CVE-2013-1224

Cisco Unified Customer Voice Portal < 9.0(1) - Path Traversal and Arbitrary File Write via Resource Manager

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in the Resource Manager in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to overwrite arbitrary files via a crafted (1) HTTP or (2) HTTPS request that triggers incorrect parameter validation, aka Bug ID CSCub38369.

References (1)

Core 1
Core References

Scores

EPSS 0.0212
EPSS Percentile 79.6%

Details

CWE
CWE-22
Status published
Products (11)
cisco/unified_customer_voice_portal 3.0 sr1 (2 CPE variants)
cisco/unified_customer_voice_portal 3.6\(10\) es01
cisco/unified_customer_voice_portal 4.0
cisco/unified_customer_voice_portal 4.0\(2\) (2 CPE variants)
cisco/unified_customer_voice_portal 4.1
cisco/unified_customer_voice_portal 7.0
cisco/unified_customer_voice_portal 7.0\(2\)
cisco/unified_customer_voice_portal 8.0\(1\)
cisco/unified_customer_voice_portal 8.5\(1\)
cisco/unified_customer_voice_portal 9.0
... and 1 more
Published May 09, 2013
Tracked Since Feb 18, 2026