Vulnerabilities > Cisco > Unified CCX > 7.0.1

DATE CVE VULNERABILITY TITLE RISK
2011-10-27 CVE-2011-3315 Path Traversal vulnerability in Cisco products
Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049.
network
low complexity
cisco CWE-22
7.8
7.8
2009-07-16 CVE-2009-2048 Cross-Site Scripting vulnerability in Cisco products
Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors.
network
cisco CWE-79
3.5
3.5
2009-07-16 CVE-2009-2047 Path Traversal vulnerability in Cisco products
Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors.
network
low complexity
cisco CWE-22
critical
 9.0
9.0