CyberSec.Space Logo
返回 CVE 浏览器

CVE-2013-1221

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1750%
EPSS Percentile38.39th
Published2013年5月9日
Last Modified2026年4月29日

Vulnerability Description

The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute arbitrary code via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38384.

Affected Platforms (CPE)

📦
Cisco

Unified Customer Voice Portal

<= 9.0\(1\)
📦
Cisco

Unified Customer Voice Portal

= 3.0
📦
Cisco

Unified Customer Voice Portal

= 3.0
📦
Cisco

Unified Customer Voice Portal

= 3.6\(10\)
📦
Cisco

Unified Customer Voice Portal

= 4.0
📦
Cisco

Unified Customer Voice Portal

= 4.0\(2\)
📦
Cisco

Unified Customer Voice Portal

= 4.0\(2\)
📦
Cisco

Unified Customer Voice Portal

= 4.1
📦
Cisco

Unified Customer Voice Portal

= 7.0
📦
Cisco

Unified Customer Voice Portal

= 7.0\(2\)
📦
Cisco

Unified Customer Voice Portal

= 8.0\(1\)
📦
Cisco

Unified Customer Voice Portal

= 8.5\(1\)
📦
Cisco

Unified Customer Voice Portal

= 9.0

References & Advisories

🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130508-cvp
🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130508-cvp

相关漏洞威胁

CVE-2008-20539.0

Unspecified vulnerability in Cisco Unified Customer Voice Portal (CVP) 4.0.x before 4.0(2)_ES14, 4.1.x before 4.1(1)_ES11, and 7.x...

CVE-2017-122148.8

A vulnerability in the Operations, Administration, Maintenance, and Provisioning (OAMP) credential reset functionality for Cisco U...

CVE-2018-01398.6

A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Unified Customer Voice Portal (C...

CVE-2018-00868.6

A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote ...