Vulnerabilities > Cisco > Unified Customer Voice Portal
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-05-09 | CVE-2013-1223 | Improper Input Validation vulnerability in Cisco Unified Customer Voice Portal The log viewer in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly validate an unspecified parameter, which allows remote attackers to read arbitrary files via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38372. | 7.8 |
| 2013-05-09 | CVE-2013-1222 | Configuration vulnerability in Cisco Unified Customer Voice Portal The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to launch arbitrary custom web applications via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38379. | 7.8 |
| 2013-05-09 | CVE-2013-1221 | Configuration vulnerability in Cisco Unified Customer Voice Portal The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute arbitrary code via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38384. | 10.0 |
| 2013-05-09 | CVE-2013-1220 | Remote Denial of Service vulnerability in Cisco Unified Customer Voice Portal The CallServer component in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to cause a denial of service (call-acceptance outage) via malformed SIP INVITE messages, aka Bug ID CSCua65148. | 7.8 |
| 2008-05-22 | CVE-2008-2053 | Privilege Escalation vulnerability in Cisco Unified Customer Voice Portal 4.0/4.1/7.0 Unspecified vulnerability in Cisco Unified Customer Voice Portal (CVP) 4.0.x before 4.0(2)_ES14, 4.1.x before 4.1(1)_ES11, and 7.x before 7.0(1) allows remote authenticated users with administrator role privileges to create, modify, or delete a superuser account. | 9.0 |