Vulnerabilities > CVE-2008-2053 - Unspecified vulnerability in Cisco Unified Customer Voice Portal 4.0/4.1/7.0

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
cisco
NVD
Published: 2008-05-22
Updated: 2024-11-21

Summary

Unspecified vulnerability in Cisco Unified Customer Voice Portal (CVP) 4.0.x before 4.0(2)_ES14, 4.1.x before 4.1(1)_ES11, and 7.x before 7.0(1) allows remote authenticated users with administrator role privileges to create, modify, or delete a superuser account.

Vulnerable Configurations

Part Description Count
Application
Cisco
3

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 29315 CVE(CAN) ID: CVE-2008-2053 Cisco Unified Customer Voice Portal(CVP)是Cisco用户交互网络解决方案的一部分,可为用户提供语音和视频自助服务集成。 CVP中有三个不同的用户角色:超级用户,管理员和只读访问。CVP中的安全漏洞允许管理员角色的用户创建、修改或删除更高系统权限的超级用户帐号。 Cisco CVP 7.x Cisco CVP 4.1.x Cisco CVP 4.0.x Cisco ----- Cisco已经为此发布了一个安全公告(cisco-sa-20080521-cvp)以及相应补丁: cisco-sa-20080521-cvp:Cisco Voice Portal Privilege Escalation Vulnerability 链接:<a href=http://www.cisco.com/warp/public/707/cisco-sa-20080521-cvp.shtml target=_blank>http://www.cisco.com/warp/public/707/cisco-sa-20080521-cvp.shtml</a> 补丁下载: <a href=http://www.cisco.com/pcgi-bin/tablebuild.pl/36833091037661f49ad8152368c22bbf target=_blank>http://www.cisco.com/pcgi-bin/tablebuild.pl/36833091037661f49ad8152368c22bbf</a> <a href=http://www.cisco.com/pcgi-bin/tablebuild.pl/946b57654c80187da8c3cfc0aa02866e target=_blank>http://www.cisco.com/pcgi-bin/tablebuild.pl/946b57654c80187da8c3cfc0aa02866e</a>
idSSV:3328
last seen2017-11-19
modified2008-05-24
published2008-05-24
reporterRoot
titleCisco Unified Customer Voice Portal权限提升漏洞

References