Weakness Name | Source | |
---|---|---|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Metrics | Score | Severity | CVSS Vector | Source |
---|---|---|---|---|
V2 | 9 | AV:N/AC:L/Au:S/C:C/I:C/A:C | nvd@nist.gov |
Cisco>>Crs >> Version 3.5
Cisco>>Crs >> Version 4.0
Cisco>>Crs >> Version 4.1
Cisco>>Crs >> Version 4.5
Cisco>>Crs >> Version 5.0
Cisco>>Crs >> Version 6.0
Cisco>>Crs >> Version 7.0
Cisco>>Customer_response_applications >> Version 3.5
Cisco>>Ip_qm >> Version 3.5
Cisco>>Unified_ccx >> Version 3.5
Cisco>>Unified_ccx >> Version 4.0\(1\)
Cisco>>Unified_ccx >> Version 4.0\(3\)
Cisco>>Unified_ccx >> Version 4.0\(4\)
Cisco>>Unified_ccx >> Version 4.0\(5\)
Cisco>>Unified_ccx >> Version 4.0\(5a\)
Cisco>>Unified_ccx >> Version 4.5\(1\)
Cisco>>Unified_ccx >> Version 4.5\(2\)
Cisco>>Unified_ccx >> Version 5.0\(1\)
Cisco>>Unified_ccx >> Version 6.0\(1\)
Cisco>>Unified_ccx >> Version 7.0\(1\)
Cisco>>Unified_ip_contact_center_express >> Version 3.0
Cisco>>Unified_ip_contact_center_express >> Version 5.0\(1\)
Cisco>>Unified_ip_contact_center_express >> Version 6.0\(1\)
Cisco>>Unified_ip_contact_center_express >> Version 7.0
Cisco>>Unified_ip_ivr >> Version 3.0
Cisco>>Unified_ip_ivr >> Version 3.1
Cisco>>Unified_ip_ivr >> Version 4.0
Cisco>>Unified_ip_ivr >> Version 4.1
Cisco>>Unified_ip_ivr >> Version 4.5
Cisco>>Unified_ip_ivr >> Version 5.0
Cisco>>Unified_ip_ivr >> Version 6.0
Cisco>>Unified_ip_ivr >> Version 7.0
Cisco>>Unified_ip_ivr >> Version 7.0\(1\)