Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2013-1240

The command-line interface in Cisco Unified Communications Manager (CUCM) does not properly validate input, which allows local users to read arbitrary files via unspecified vectors, aka Bug ID CSCue25770.

Published

2013-05-04T03:24:41.737

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 4.6 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:S/C:C/I:N/A:N

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: SINGLE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: NONE
  • Availability Impact: NONE
Exploitability Score

3.1

Impact Score

6.9

Weaknesses
  • Type: Primary
    CWE-20
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application cisco unified_communications_manager * Yes
References