← Back

CVE-2011-3315

nvd nistnuclei
Published: Oct 27, 2011Modified: Apr 29, 2026

JSON object

Loading...
7.8
Vector
AV:N/AC:L/Au:N/C:C/I:N/A:N
Exploitability: 10.0 / Impact: 6.9
Source: NVD

Description

Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049.

Affected (69)

Cisco
3 products
Unified Ip Interactive Voice Response
Unified Ip Ivr
Unified Communications Manager
Configuration A
7 vulnerable
Vulnerable SoftwareAffected Versions
Unified Ip Interactive Voice Response
All versions
Cisco
Unified Ip Ivr
Version 6.0(1)
Unified Ip Ivr
Version 7.0(1)
Unified Ip Ivr
Version 7.0(2)
Unified Ip Ivr
Version 8.0(1)
Unified Ip Ivr
Version 8.0(2)
Unified Ip Ivr
Version 8.5(1)
Configuration B
62 vulnerable · 6 platform
Vulnerable SoftwareAffected Versions
Cisco
Unified Communications Manager
Version 5.0
Unified Communications Manager
Version 5.1.2
Unified Communications Manager
Version 5.1
Unified Communications Manager
Version 5.1(1)
Unified Communications Manager
Version 5.1(1b)
Unified Communications Manager
Version 5.1(1c)
Unified Communications Manager
Version 5.1(2)
Unified Communications Manager
Version 5.1(2a)
Unified Communications Manager
Version 5.1(2b)
Unified Communications Manager
Version 5.1(3)
Unified Communications Manager
Version 5.1(3a)
Unified Communications Manager
Version 5.1(3c)
Unified Communications Manager
Version 5.1(3d)
Unified Communications Manager
Version 5.1(3e)
Unified Communications Manager
Version 6.0
Unified Communications Manager
Version 6.1(1)
Unified Communications Manager
Version 6.1(1a)
Unified Communications Manager
Version 6.1(1b)
Unified Communications Manager
Version 6.1(2)
Unified Communications Manager
Version 6.1(2)su1
Unified Communications Manager
Version 6.1(2)su1a
Unified Communications Manager
Version 6.1(3)
Unified Communications Manager
Version 6.1(3a)
Unified Communications Manager
Version 6.1(3b)
Unified Communications Manager
Version 6.1(3b)su1
Unified Communications Manager
Version 6.1(4)
Unified Communications Manager
Version 6.1(4)su1
Unified Communications Manager
Version 6.1(4a)
Unified Communications Manager
Version 6.1(4a)su2
Unified Communications Manager
Version 6.1(5)
Unified Communications Manager
Version 6.1(5)su1
Unified Communications Manager
Version 7.0(1)su1
Unified Communications Manager
Version 7.0(1)su1a
Unified Communications Manager
Version 7.0(2)
Unified Communications Manager
Version 7.0(2a)
Unified Communications Manager
Version 7.0(2a)su1
Unified Communications Manager
Version 7.0(2a)su2
Unified Communications Manager
Version 7.1(2a)
Unified Communications Manager
Version 7.1(2a)su1
Unified Communications Manager
Version 7.1(2b)
Unified Communications Manager
Version 7.1(2b)su1
Unified Communications Manager
Version 7.1(3)
Unified Communications Manager
Version 7.1(3a)
Unified Communications Manager
Version 7.1(3a)su1
Unified Communications Manager
Version 7.1(3a)su1a
Unified Communications Manager
Version 7.1(3b)
Unified Communications Manager
Version 7.1(3b)su1
Unified Communications Manager
Version 7.1(3b)su2
Unified Communications Manager
Version 7.1(5)
Unified Communications Manager
Version 7.1(5)su1
Unified Communications Manager
Version 7.1(5)su1a
Unified Communications Manager
Version 7.1(5a)
Unified Communications Manager
Version 7.1(5b)
Unified Communications Manager
Version 7.1(5b)su1
Unified Communications Manager
Version 7.1(5b)su1a
Unified Communications Manager
Version 8.0
Unified Communications Manager
Version 8.0(1)
Unified Communications Manager
Version 8.0(2)
Unified Communications Manager
Version 8.0(2a)
Unified Communications Manager
Version 8.0(2b)
Unified Communications Manager
Version 8.0(2c)
Unified Communications Manager
Version 8.0(2c)su1
Running on/withPlatform Versions
Cisco
Unified Ccx
Version 6.0(1)
Cisco
Unified Ccx
Version 7.0(1)
Cisco
Unified Ccx
Version 7.0(2)
Cisco
Unified Ccx
Version 8.0(1)
Cisco
Unified Ccx
Version 8.0(2)
Cisco
Unified Ccx
Version 8.5(1)

Related CWEs

CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (4)

Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.