CVE-2009-2047
CVE Descriptions
CVE Informations
Related Weaknesses
| Weakness Name | Source | |
|---|---|---|
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 9 | AV:N/AC:L/Au:S/C:C/I:C/A:C | nvd@nist.gov |
EPSS
EPSS Score
EPSS Percentile
Products Mentioned
Configuraton 0
Cisco>>Crs >> Version 3.5
Cisco>>Crs >> Version 4.0
Cisco>>Crs >> Version 4.1
Cisco>>Crs >> Version 4.5
Cisco>>Crs >> Version 5.0
Cisco>>Crs >> Version 6.0
Cisco>>Crs >> Version 7.0
Cisco>>Customer_response_applications >> Version 3.5
Cisco>>Ip_qm >> Version 3.5
Cisco>>Unified_ccx >> Version 3.5
Cisco>>Unified_ccx >> Version 4.0\(1\)
Cisco>>Unified_ccx >> Version 4.0\(3\)
Cisco>>Unified_ccx >> Version 4.0\(4\)
Cisco>>Unified_ccx >> Version 4.0\(5\)
Cisco>>Unified_ccx >> Version 4.0\(5a\)
Cisco>>Unified_ccx >> Version 4.5\(1\)
Cisco>>Unified_ccx >> Version 4.5\(2\)
Cisco>>Unified_ccx >> Version 5.0\(1\)
Cisco>>Unified_ccx >> Version 6.0\(1\)
- Cisco>>Unified_ccx >> Version 6.0\(1\) (Open CPE detail)
Cisco>>Unified_ccx >> Version 7.0\(1\)
- Cisco>>Unified_ccx >> Version 7.0\(1\) (Open CPE detail)
Cisco>>Unified_ip_contact_center_express >> Version 3.0
Cisco>>Unified_ip_contact_center_express >> Version 5.0\(1\)
Cisco>>Unified_ip_contact_center_express >> Version 6.0\(1\)
Cisco>>Unified_ip_contact_center_express >> Version 7.0
Cisco>>Unified_ip_ivr >> Version 3.0
Cisco>>Unified_ip_ivr >> Version 3.1
Cisco>>Unified_ip_ivr >> Version 4.0
Cisco>>Unified_ip_ivr >> Version 4.1
Cisco>>Unified_ip_ivr >> Version 4.5
Cisco>>Unified_ip_ivr >> Version 5.0
Cisco>>Unified_ip_ivr >> Version 6.0
Cisco>>Unified_ip_ivr >> Version 7.0
Cisco>>Unified_ip_ivr >> Version 7.0\(1\)
- Cisco>>Unified_ip_ivr >> Version 7.0\(1\) (Open CPE detail)
References
Tags : vendor-advisory, x_refsource_CISCO
