CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2004-0650

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0770%
EPSS Percentile15.85th
Published2004年8月6日
Last Modified2026年4月16日

Vulnerability Description

UploadServlet in Cisco Collaboration Server (CCS) running ServletExec before 3.0E allows remote attackers to upload and execute arbitrary files via a direct call to the UploadServlet URL.

Affected Platforms (CPE)

📦
Newatlanta

Servletexec

= 2.2
📦
Newatlanta

Servletexec

= 3.0

References & Advisories

🔗 http://secunia.com/advisories/11979/
🔗 http://www.cisco.com/warp/public/707/cisco-sa-20040630-CCS.shtml
🔗 http://www.kb.cert.org/vuls/id/718896
🔗 http://www.securityfocus.com/bid/10639
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/16553
🔗 http://secunia.com/advisories/11979/
🔗 http://www.cisco.com/warp/public/707/cisco-sa-20040630-CCS.shtml
🔗 http://www.kb.cert.org/vuls/id/718896

相關漏洞威脅

CVE-2000-102410.0

eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers t...

CVE-2000-04987.5

Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP e...

CVE-2002-08925.0

The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a ...

CVE-2002-08935.0

Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to read arbitrary files via a URL-en...