A vulnerability in the Cisco Unified Reporting upload tool accessed via the Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to modify arbitrary files on the file system. More Information: CSCvb61698. Known Affected Releases: 11.5(1.11007.2). Known Fixed Releases: 12.0(0.98000.168) 12.0(0.98000.178) 12.0(0.98000.399) 12.0(0.98000.510) 12.0(0.98000.536) 12.0(0.98500.7).
References
| Link | Resource |
|---|---|
| http://www.securityfocus.com/bid/94798 | Third Party Advisory VDB Entry |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-cur | Vendor Advisory |
| http://www.securityfocus.com/bid/94798 | Third Party Advisory VDB Entry |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-cur | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:00
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://www.securityfocus.com/bid/94798 - Third Party Advisory, VDB Entry | |
| References | () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-cur - Vendor Advisory |
Information
Published : 2016-12-14 00:59
Updated : 2025-04-12 10:46
NVD link : CVE-2016-9210
Mitre link : CVE-2016-9210
CVE.ORG link : CVE-2016-9210
JSON object : View
Products Affected
cisco
- unified_communications_manager
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')