CVE-2013-6688

Cisco Unified Communications Manager < 9.1(1) - Authenticated Path Traversal and Arbitrary File Write via License Upload

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in the license-upload interface in the Enterprise License Manager (ELM) component in Cisco Unified Communications Manager 9.1(1) and earlier allows remote authenticated users to create arbitrary files via a crafted path, aka Bug ID CSCui58222.

References (2)

Core 2
Core References

Scores

EPSS 0.0213
EPSS Percentile 79.7%

Details

CWE
CWE-22
Status published
Products (50)
cisco/unified_communications_manager 3.3\(5\)
cisco/unified_communications_manager 3.3\(5\)sr1
cisco/unified_communications_manager 3.3\(5\)sr2a
cisco/unified_communications_manager 4.1\(3\)
cisco/unified_communications_manager 4.1\(3\)sr1
cisco/unified_communications_manager 4.1\(3\)sr2
cisco/unified_communications_manager 4.1\(3\)sr3
cisco/unified_communications_manager 4.1\(3\)sr4
cisco/unified_communications_manager 4.2
cisco/unified_communications_manager 4.2.1
... and 40 more
Published Nov 18, 2013
Tracked Since Feb 18, 2026