ID de Prueba:	1.3.6.1.4.1.25623.1.0.106442
Categoría:	CISCO
Título:	Cisco Unified Communications Manager Unified Reporting Upload Tool Directory Traversal Vulnerability (cisco-sa-20161207-cur)
Resumen:	A vulnerability in the Cisco Unified Reporting upload tool; accessed via the Cisco Unified Communications Manager could allow an unauthenticated, remote; attacker to modify arbitrary files on the file system.
Descripción:	Summary: A vulnerability in the Cisco Unified Reporting upload tool accessed via the Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to modify arbitrary files on the file system. Vulnerability Insight: The vulnerability is due to insufficient client-side validation checks. An attacker could exploit this vulnerability by submitting a malicious POST request to the affected system. Vulnerability Impact: An exploit could allow the attacker to implant arbitrary files onto the affected system. Affected Software/OS: Cisco Unified Communications Manager version 11.5(1.11007.2). Solution: See the referenced vendor advisory for a solution. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-9210 BugTraq ID: 94798 http://www.securityfocus.com/bid/94798
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.