Remote Code Execution Vulnerability in Cisco Unified Customer Voice Portal
CVE-2013-1222

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Customer Voice Portal
Vendor: CVE Published:; 9 May 2013

Summary

The Tomcat Web Management feature within Cisco Unified Customer Voice Portal Software prior to version 9.0.1 ES 11 has a security misconfiguration that enables unauthorized remote attackers to execute arbitrary web applications by sending specially crafted HTTP or HTTPS requests. This flaw could lead to significant security breaches and unauthorized control over the affected system.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
May 9, 2013