Cisco » Security Manager : Security Vulnerabilities, CVEs, Published In 2009
Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.
Max CVSS
10.0
EPSS Score
1.78%
Published
2009-05-21
Updated
2009-06-09
Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain "root access" to IEV via unspecified use of TCP sessions to these ports.
Max CVSS
6.8
EPSS Score
1.24%
Published
2009-01-22
Updated
2017-08-08
2 vulnerabilities found