CVE-2013-3433

Published: Jul 18, 2013Modified: Apr 29, 2026

6.8

Vector

AV:L/AC:L/Au:S/C:C/I:C/A:C

Exploitability: 3.1 / Impact: 10.0

Source: NVD

Description

Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02276.

Affected (55)

Products: Cisco: Unified Communications Manager

Cisco

1 product

Unified Communications Manager

Configuration A

23 vulnerable

Vulnerable Software	Affected Versions
Cisco Unified Communications Manager	Version 7.1(2a)
Cisco Unified Communications Manager	Version 7.1(2a)su1
Cisco Unified Communications Manager	Version 7.1(2b)
Cisco Unified Communications Manager	Version 7.1(2b)su1
Cisco Unified Communications Manager	Version 7.1(3)
Cisco Unified Communications Manager	Version 7.1(3a)
Cisco Unified Communications Manager	Version 7.1(3a)su1
Cisco Unified Communications Manager	Version 7.1(3a)su1a
Cisco Unified Communications Manager	Version 7.1(3b)
Cisco Unified Communications Manager	Version 7.1(3b)su1
Cisco Unified Communications Manager	Version 7.1(3b)su2
Cisco Unified Communications Manager	Version 7.1(5)
Cisco Unified Communications Manager	Version 7.1(5)su1
Cisco Unified Communications Manager	Version 7.1(5)su1a
Cisco Unified Communications Manager	Version 7.1(5a)
Cisco Unified Communications Manager	Version 7.1(5b)
Cisco Unified Communications Manager	Version 7.1(5b)su1
Cisco Unified Communications Manager	Version 7.1(5b)su1a
Cisco Unified Communications Manager	Version 7.1(5b)su2
Cisco Unified Communications Manager	Version 7.1(5b)su3
Cisco Unified Communications Manager	Version 7.1(5b)su4
Cisco Unified Communications Manager	Version 7.1(5b)su5
Cisco Unified Communications Manager	Version 7.1(5b)su6

Configuration B

12 vulnerable

Vulnerable Software	Affected Versions
Cisco Unified Communications Manager	Version 8.0
Cisco Unified Communications Manager	Version 8.0(1)
Cisco Unified Communications Manager	Version 8.0(2)
Cisco Unified Communications Manager	Version 8.0(2a)
Cisco Unified Communications Manager	Version 8.0(2b)
Cisco Unified Communications Manager	Version 8.0(2c)
Cisco Unified Communications Manager	Version 8.0(2c)su1
Cisco Unified Communications Manager	Version 8.0(3)
Cisco Unified Communications Manager	Version 8.0(3a)
Cisco Unified Communications Manager	Version 8.0(3a)su1
Cisco Unified Communications Manager	Version 8.0(3a)su2
Cisco Unified Communications Manager	Version 8.0(3a)su3

Configuration C

7 vulnerable

Vulnerable Software	Affected Versions
Cisco Unified Communications Manager	Version 8.5
Cisco Unified Communications Manager	Version 8.5(1)
Cisco Unified Communications Manager	Version 8.5(1)su1
Cisco Unified Communications Manager	Version 8.5(1)su2
Cisco Unified Communications Manager	Version 8.5(1)su3
Cisco Unified Communications Manager	Version 8.5(1)su4
Cisco Unified Communications Manager	Version 8.5(1)su5

Configuration D

10 vulnerable

Vulnerable Software	Affected Versions
Cisco Unified Communications Manager	Version 8.6
Cisco Unified Communications Manager	Version 8.6(1)
Cisco Unified Communications Manager	Version 8.6(1a)
Cisco Unified Communications Manager	Version 8.6(2)
Cisco Unified Communications Manager	Version 8.6(2a)
Cisco Unified Communications Manager	Version 8.6(2a)su1
Cisco Unified Communications Manager	Version 8.6(2a)su2
Cisco Unified Communications Manager	Version 8.6(2a)su3
Cisco Unified Communications Manager	Version 8.6(3)
Cisco Unified Communications Manager	Version 8.6(4)

Configuration E

3 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Unified Communications Manager	Version 9.0(1)
Cisco Unified Communications Manager	Version 9.1.1(a)
Cisco Unified Communications Manager	Version 9.1(1)