CVE Vulnerabilities

CVE-2013-3426

Published: Jul 18, 2013 | Modified: Jul 18, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Serviceability servlet on Cisco 9900 IP phones does not properly restrict paths, which allows remote attackers to read arbitrary files by specifying a pathname in a file request, aka Bug ID CSCuh52810.

Affected Software

Name Vendor Start Version End Version
Unified_ip_phones_9900_series_firmware Cisco - -

References