Absolute Path Traversal Vulnerability in Cisco Finesse Web Interface
CVE-2013-3457

Currently unrated

Key Information:

Vendor: Cisco
Status: Finesse
Vendor: CVE Published:; 12 August 2013

Summary

An absolute path traversal vulnerability exists in the web interface of Cisco Finesse, which allows remote attackers to access directory contents by sending direct requests to specific directory URLs. This weakness can be exploited to gain unauthorized visibility into sensitive information stored within those directories.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

https://exchange.xforce.ibmcloud.com/vulnerabilities/86356

vdb-entryx_refsource_XF

http://www.securitytracker.com/id/1028896

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Aug 12, 2013
Vulnerability Reserved
May 6, 2013