CVE-2013-1223
Last modified
CVE-2013-1223 is a vulnerability of currently unknown severity. The log viewer in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly validate an unspecified parameter, which allows remote attackers to read arbitrary files via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38372.. EPSS estimates a 1.48% chance of exploitation in the next 30 days.
Description
The log viewer in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly validate an unspecified parameter, which allows remote attackers to read arbitrary files via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38372.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Cisco | Unified Customer Voice Portal | <= 9.0\(1\) | — |
| Cisco | Unified Customer Voice Portal | 3.0 | Sr1 |
| Cisco | Unified Customer Voice Portal | 3.6\(10\) | Es01 |
| Cisco | Unified Customer Voice Portal | 4.0 | — |
| Cisco | Unified Customer Voice Portal | 4.0\(2\) | — |
| Cisco | Unified Customer Voice Portal | 4.1 | — |
| Cisco | Unified Customer Voice Portal | 7.0 | — |
| Cisco | Unified Customer Voice Portal | 7.0\(2\) | — |
| Cisco | Unified Customer Voice Portal | 8.0\(1\) | — |
| Cisco | Unified Customer Voice Portal | 8.5\(1\) | — |
| Cisco | Unified Customer Voice Portal | 9.0 | — |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-1223?
How severe is CVE-2013-1223?
How do I fix CVE-2013-1223?
Are you affected by CVE-2013-1223?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST