VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
JVN#62527913     ( CVE-2009-1161 | JVNDB-2009-000032 )
複数の Cisco Systems 製品におけるディレクトリトラバーサルの脆弱性
http://jvn.jp/jp/JVN62527913/index.html

Cisco Systems が提供する複数の製品には、ディレクトリトラバーサルの脆弱性が存在します。




About This Analysis Information
Analysis Information Provider:
 		JPCERT/CC
 		First Published:
 		2009-05-29
Source Information Category:
 		Advisory, Alert
 		Last Updated:
 		2009-05-29




Affected Product Tags
cpe:/a:cisco:ciscoworks_common_services     (Cisco CiscoWorks Common Services)
 


Vulnerability Analysis Results
[Information Source Reliability] [?]
Low [?]

Medium [?]
X High [?]
[Impact Level] [?]
Low [?]

Low-Medium [?]
X Medium-High [?]
High [?]
[Access Required] [?]
Physical [?]

Local [?]
Non-routed [?]
X Routed [?]
[Authentication] [?]
Privileged [?]

Standard [?]
Limited [?]
X None or Unnecessary [?]
[User Interaction Required] [?]
Complex [?]

Simple [?]
X None [?]
[Technical Difficulty] [?]
High [?]

Medium-High [?]
Low-Medium [?]
X Low [?]
[Availability of Remediation] [?]
X Official Patch [?]

Official Workaround [?]
Unofficial Patch [?]
None [?]
[Incident Activity] [?]
None [?]

Exploit or PoC [?]
Activity Observed [?]
Alternatives
Common Vulnerabilities and Exposures (CVE) CVE-2009-1161
Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.




JVN iPedia JVNDB-2009-000032 複数の Cisco Systems 製品におけるディレクトリトラバーサルの脆弱性
Cisco Systems が提供する複数の製品には、ディレクトリトラバーサルの脆弱性が存在します。








References
Copyright © 2009 JPCERT/CC All Rights Reserved.