CyberSec.Space Logo
Back to CVE Browser

CVE-2013-1221

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1750%
EPSS Percentile38.39th
PublishedMay 9, 2013
Last ModifiedApr 29, 2026

Vulnerability Description

The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute arbitrary code via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38384.

Affected Platforms (CPE)

πŸ“¦
Cisco

Unified Customer Voice Portal

<= 9.0\(1\)
πŸ“¦
Cisco

Unified Customer Voice Portal

= 3.0
πŸ“¦
Cisco

Unified Customer Voice Portal

= 3.0
πŸ“¦
Cisco

Unified Customer Voice Portal

= 3.6\(10\)
πŸ“¦
Cisco

Unified Customer Voice Portal

= 4.0
πŸ“¦
Cisco

Unified Customer Voice Portal

= 4.0\(2\)
πŸ“¦
Cisco

Unified Customer Voice Portal

= 4.0\(2\)
πŸ“¦
Cisco

Unified Customer Voice Portal

= 4.1
πŸ“¦
Cisco

Unified Customer Voice Portal

= 7.0
πŸ“¦
Cisco

Unified Customer Voice Portal

= 7.0\(2\)
πŸ“¦
Cisco

Unified Customer Voice Portal

= 8.0\(1\)
πŸ“¦
Cisco

Unified Customer Voice Portal

= 8.5\(1\)
πŸ“¦
Cisco

Unified Customer Voice Portal

= 9.0

References & Advisories

πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130508-cvp
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130508-cvp

Related Vulnerabilities

CVE-2008-20539.0

Unspecified vulnerability in Cisco Unified Customer Voice Portal (CVP) 4.0.x before 4.0(2)_ES14, 4.1.x before 4.1(1)_ES11, and 7.x...

CVE-2017-122148.8

A vulnerability in the Operations, Administration, Maintenance, and Provisioning (OAMP) credential reset functionality for Cisco U...

CVE-2018-01398.6

A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Unified Customer Voice Portal (C...

CVE-2018-00868.6

A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote ...