The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute arbitrary code via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38384.
oryginał ENAV:N/AC:L/Au:N/C:C/I:C/A:CCisco Unified Customer Voice Portal
APPCisco3.03.6\(10\)4.04.0\(2\)4.17.07.0\(2\)8.0\(1\)8.5\(1\)9.0≤ 9.0\(1\)
Powiązane podatności
A vulnerability in the Java Remote Method Invocation (RMI) interface of Cisco Unified Customer Voice Portal (C...
A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Unified Cust...
A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unau...
A vulnerability in the Operations, Administration, Maintenance, and Provisioning (OAMP) credential reset funct...
The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 doe...