Directory traversal vulnerability in the bootstrap service in Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2), unspecified 6.0 versions, and 5.0 before 5.0(2)SR3 allows remote attackers to read arbitrary files via a crafted bootstrap message to TCP port 6295.
2010-06-10T00:30:07.440
2025-04-11T00:51:21.963
Deferred
CVSSv2: 7.8 (HIGH)
AV:N/AC:L/Au:N/C:C/I:N/A:N
10.0
6.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | cisco | unified_contact_center_express | 5.0 | Yes |
| Application | cisco | unified_contact_center_express | 6.0 | Yes |
| Application | cisco | unified_contact_center_express | 7.0 | Yes |
| Application | cisco | customer_response_solution | 5.0 | Yes |
| Application | cisco | customer_response_solution | 6.0 | Yes |
| Application | cisco | customer_response_solution | 7.0 | Yes |
| Application | cisco | unified_ip_interactive_voice_response | 5.0 | Yes |
| Application | cisco | unified_ip_interactive_voice_response | 6.0 | Yes |
| Application | cisco | unified_ip_interactive_voice_response | 7.0 | Yes |