Absolute Path Traversal Vulnerability in Cisco Finesse Web Interface
CVE-2013-3457

Currently unrated

Key Information:

Vendor: Cisco
Status: Finesse
Vendor: CVE Published:; 12 August 2013

What is CVE-2013-3457?

An absolute path traversal vulnerability exists in the web interface of Cisco Finesse, which allows remote attackers to access directory contents by sending direct requests to specific directory URLs. This weakness can be exploited to gain unauthorized visibility into sensitive information stored within those directories.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

https://exchange.xforce.ibmcloud.com/vulnerabilities/86356

vdb-entryx_refsource_XF

http://www.securitytracker.com/id/1028896

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2013
Vulnerability Reserved
May 6, 2013