Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2011-3315

EPSS 51.15% · P98
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2011-3315

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco 多个产品目录遍历的漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Unified Communications Manager(CUCM,Unified CM,CallManager)是美国思科(Cisco)公司的一款统一通信系统中的呼叫处理组件。该组件提供了一种可扩展、可分布和高可用的企业IP电话呼叫处理解决方案。Cisco Unified Contact Center Express是单节点和双节点呼叫中心服务器。Cisco Unified Interactive Voice Response是提供IP呼叫队列和IP智能音频回复的UCCX产品包。 多个思
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2011-3315

#POC DescriptionSource LinkShenlong Link
1A directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049.https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2011/CVE-2011-3315.yamlPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2011-3315

登录查看更多情报信息。

Same Patch Batch · n/a · 2011-10-27 · 11 CVEs total

CVE-2011-2569Cisco Nexus OS ‘section’ /‘less’ 本地命令注入漏洞
CVE-2011-3318Cisco Video Surveillance 远程拒绝服务漏洞
CVE-2011-3319Cisco WebEx 多个远程缓冲区溢出漏洞
CVE-2011-4004Cisco WebEx 多个远程缓冲区溢出漏洞
CVE-2011-3848Puppet 目录遍历漏洞
CVE-2011-3869Puppet ‘.k5login’ 任意文件重写漏洞
CVE-2011-3870Puppet ‘SSH authorized_keys’任意文件修改漏洞
CVE-2011-3871Puppet 任意Puppet代码执行漏洞
CVE-2011-3872Puppet ‘certdnsnames’ 安全绕过漏洞
CVE-2011-4079OpenLDAP ‘UTF8StringNormalize()’ 远程缓冲区错误漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2011-3315

No comments yet

Leave a comment