CVE-2006-3593

CWE-119Buffer OverflowCWE-94Code Injection4 documents4 sources
Severity
4.0MEDIUM
EPSS
0.6%
top 31.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Unified Callmanager
Timeline
PublishedJul 18
Latest updateMay 1

Description

The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

NVDcisco/unified_callmanager4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-v3vp-hcc4-xxfh: The command line interface (CLI) in Cisco Unified CallManager (CUCM) 52022-05-01
CVEList
CVE-2006-3593: The command line interface (CLI) in Cisco Unified CallManager (CUCM) 52006-07-14

📋Vendor Advisories

1
Cisco
Multiple Cisco Unified CallManager Vulnerabilities2006-07-12
CVE-2006-3593 (MEDIUM CVSS 4) | The command line interface (CLI) in | cvebase.io