Directory Traversal Vulnerability in Cisco Unified Contact Center Express
CVE-2009-2047

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Ccx; Unified Ip Ivr; Crs; Unified Ip Contact Center Express
Vendor: CVE Published:; 16 July 2009

Summary

A directory traversal vulnerability exists within the Administration interface of the Cisco Unified Contact Center Express (CCX) server, specifically in Cisco Customer Response Solutions (CRS) prior to version 7.0(1) SR2. This vulnerability can be exploited by remote authenticated users to navigate and access arbitrary files on the server, which may include sensitive configuration information or user data. The weakness arises from unspecified vectors, emphasizing the importance of maintaining updated software and implementing stringent access controls to mitigate potential security risks.

References

http://www.securitytracker.com/id?1022569

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/35861

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/35706

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jul 16, 2009
Vulnerability Reserved
Jun 12, 2009