CVE-2013-6688
Cisco Unified Communications Manager < 9.1(1) - Authenticated Path Traversal and Arbitrary File Write via License Upload
Title source: llmDescription
Directory traversal vulnerability in the license-upload interface in the Enterprise License Manager (ELM) component in Cisco Unified Communications Manager 9.1(1) and earlier allows remote authenticated users to create arbitrary files via a crafted path, aka Bug ID CSCui58222.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6688
Vendor Advisory x_refsource_confirm
http://tools.cisco.com/security/center/viewAlert.x?alertId=31759
Scores
EPSS
0.0213
EPSS Percentile
79.7%
Details
CWE
CWE-22
Status
published
Products (50)
cisco/unified_communications_manager
3.3\(5\)
cisco/unified_communications_manager
3.3\(5\)sr1
cisco/unified_communications_manager
3.3\(5\)sr2a
cisco/unified_communications_manager
4.1\(3\)
cisco/unified_communications_manager
4.1\(3\)sr1
cisco/unified_communications_manager
4.1\(3\)sr2
cisco/unified_communications_manager
4.1\(3\)sr3
cisco/unified_communications_manager
4.1\(3\)sr4
cisco/unified_communications_manager
4.2
cisco/unified_communications_manager
4.2.1
... and 40 more
Published
Nov 18, 2013
Tracked Since
Feb 18, 2026