Cisco : Security Vulnerabilities, CVEs, Published In 2014 (Directory traversal) CVSS score >= 3

CVE-2014-8019

Directory traversal vulnerability in Cisco Enterprise Content Delivery System (ECDS) allows remote attackers to read arbitrary files via a crafted URL, aka Bug ID CSCuo90148.
Max CVSS
5.0
EPSS Score
0.34%
Published
2014-12-20
Updated
2017-01-03

CVE-2014-3340

Directory traversal vulnerability in an unspecified PHP script in the server in Cisco WebEx MeetMeNow allows remote authenticated users to read arbitrary files via a crafted request, aka Bug ID CSCuo16166.
Max CVSS
4.0
EPSS Score
0.13%
Published
2014-08-20
Updated
2017-08-29

CVE-2014-3323

Directory traversal vulnerability in Cisco Unified Contact Center Enterprise allows remote authenticated users to read arbitrary web-root files via a crafted URL, aka Bug ID CSCun25262.
Max CVSS
4.0
EPSS Score
0.12%
Published
2014-07-18
Updated
2015-12-03

CVE-2014-3319

Directory traversal vulnerability in the Real-Time Monitoring Tool (RTMT) in Cisco Unified Communications Manager (CM) 10.0(1) allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup57676.
Max CVSS
6.8
EPSS Score
0.18%
Published
2014-07-14
Updated
2017-08-29

CVE-2014-3318

Directory traversal vulnerability in dna/viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup76318.
Max CVSS
4.0
EPSS Score
0.36%
Published
2014-07-10
Updated
2017-08-29

CVE-2014-3317

Directory traversal vulnerability in the Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager 10.0(1) allows remote authenticated users to delete arbitrary files via a crafted URL, aka Bug ID CSCup76314.
Max CVSS
5.5
EPSS Score
0.23%
Published
2014-07-14
Updated
2017-08-29

CVE-2014-2145

Directory traversal vulnerability in the messaging API in Cisco Unity Connection allows remote authenticated users to read arbitrary files via vectors related to unenforced access constraints for .wav files and the audio/x-wav MIME type, aka Bug ID CSCun91071.
Max CVSS
4.0
EPSS Score
0.12%
Published
2014-04-05
Updated
2015-09-16

CVE-2014-0666

Directory traversal vulnerability in the Send Screen Capture implementation in Cisco Jabber 9.2(.1) and earlier on Windows allows remote attackers to upload arbitrary types of files, and consequently execute arbitrary code, via modified packets, aka Bug ID CSCug48056.
Max CVSS
4.3
EPSS Score
2.58%
Published
2014-01-16
Updated
2017-08-29

CVE-2013-6975

Directory traversal vulnerability in the command-line interface in Cisco NX-OS 6.2(2a) and earlier allows local users to read arbitrary files via unspecified input, aka Bug ID CSCul05217.
Max CVSS
4.6
EPSS Score
0.04%
Published
2014-05-20
Updated
2015-10-13
9 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close