CVE-2013-3457

Cisco Finesse - Unauthenticated Path Traversal via Direct Directory URL Request

Title source: llm
STIX 2.1

Description

Absolute path traversal vulnerability in the web interface in Cisco Finesse allows remote attackers to read directory contents via a direct request to a directory URL, aka Bug ID CSCug16772.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/86356
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1028896

Scores

EPSS 0.0211
EPSS Percentile 79.5%

Details

CWE
CWE-22
Status published
Products (1)
cisco/finesse
Published Aug 12, 2013
Tracked Since Feb 18, 2026