CVE-2013-5528
Published: 2013-10-11
Priority: P3 (39) · Severity: medium · CVSS 2.0 base score: 4.0
CVSS 2.0 vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Exploit: public (see the Exploit-DB and Nuclei entries below)
EPSS: 23.31% (97.5th percentile)
Directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815.
Detection & IOCs (extracted from sources)
URL: /ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=../../../../../../../../../../../../../../../../etc/passwd
- Look for GET requests to /ccmadmin/bulkvivewfilecontents.do containing directory traversal sequences (../../../../, including percent-encoded forms such as %2e%2e%2f) in the fileName parameter, particularly targeting /etc/passwd or other sensitive files.
- Successful exploitation returns file contents readable by the Apache Tomcat service account; a response body matching the regex root:.*:0:0: indicates /etc/passwd was read.
- The attack requires prior authentication; monitor for authenticated sessions issuing traversal-laden requests to the Tomcat administrative web interface.
- The vulnerability affects only unpatched Cisco Unified Communications Manager versions 7.x, 8.x, and 9.x; fixed in versions 9.1.2, 10.5.2, and 11.5.x.
- Exploitation requires the attacker to be authenticated to the targeted device, which reduces the likelihood of unauthenticated mass exploitation.
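The indicators above can be turned directly into detection logic over web-server access logs. The following is an added example written for this page by the editor, not code from the original page, from Cisco, or from the Nuclei or Exploit-DB authors. It assumes Tomcat access logs in Combined Log Format; the sample log lines it scans are constructed for the example and are not real CUCM logs. It goes slightly beyond the bullet list by decoding the fileName value until stable, so single- and double-percent-encoded traversal is caught as well as the literal ../ form.

```python
"""Detection logic for CVE-2013-5528 exploitation attempts in Tomcat access logs.

Added example by the editor, not code from the original page, from Cisco or
from the Nuclei/Exploit-DB authors. It assumes Combined Log Format lines; the
sample lines below are constructed for the example and are not real CUCM logs.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

VULN_PATH = "/ccmadmin/bulkvivewfilecontents.do"
SENSITIVE_FILES = {"/etc/passwd", "/etc/shadow", "/etc/hosts"}

# "../" or "..\" as a whole path segment, checked after full decoding.
TRAVERSAL_RE = re.compile(r"(?:^|[\\/])\.\.(?:[\\/]|$)")
LEADING_DOTDOT_RE = re.compile(r"^(?:\.\./)+")

# Combined Log Format: client ident user [time] "METHOD target PROTO" status bytes
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<bytes>\S+)'
)

# Constructed sample log: three traversal hits (literal, percent-encoded and
# double-encoded), one legitimate fileName, one unrelated request.
SAMPLE_LOG = """\
10.0.0.5 - ccmadmin [11/Oct/2013:10:15:02 +0000] "GET /ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1" 200 1843
10.0.0.5 - ccmadmin [11/Oct/2013:10:15:09 +0000] "GET /ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fshadow HTTP/1.1" 200 912
10.0.0.5 - ccmadmin [11/Oct/2013:10:15:20 +0000] "GET /ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=%252e%252e%252f%252e%252e%252fetc%252fhosts HTTP/1.1" 200 240
10.0.0.7 - ccmadmin [11/Oct/2013:10:16:30 +0000] "GET /ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=sample.csv HTTP/1.1" 200 412
10.0.0.9 - - [11/Oct/2013:10:17:11 +0000] "GET /ccmadmin/showHome.do HTTP/1.1" 302 0
"""

def decode_fully(value, rounds=3):
    """Percent-decode until stable so double-encoded %252e%252e is not missed."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def analyse(line):
    """Return a finding for a traversal attempt against the vulnerable endpoint, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if decode_fully(parts.path).lower() != VULN_PATH:
        return None
    # parse_qs decodes one layer; decode_fully handles any further layers.
    for raw in parse_qs(parts.query, keep_blank_values=True).get("fileName", []):
        name = decode_fully(raw).replace("\\", "/")
        if not TRAVERSAL_RE.search(name):
            continue
        # Collapse the leading ../ run to see which absolute file was requested.
        requested = "/" + LEADING_DOTDOT_RE.sub("", name).lstrip("/")
        return {
            "client": m.group("client"),
            "user": m.group("user"),
            "authenticated": m.group("user") != "-",   # the bug needs a logged-in session
            "status": int(m.group("status")),
            "file": requested,
            "sensitive": requested in SENSITIVE_FILES,
        }
    return None

def scan(log_text):
    """Run analyse over every line and keep the hits."""
    return [f for f in map(analyse, log_text.splitlines()) if f]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The access log does not carry the response body, so the root:.*:0:0: match from the indicator list cannot be applied here; a 200 status with a non-zero byte count on a flagged request is the closest proxy, and the authenticated user name in the log is what ties the request to a session worth investigating.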
CVSS provenance
NVD · CVSS v2.0 · 4.0 MEDIUM · AV:N/AC:L/Au:S/C:P/I:N/A:N
Cisco (vendor) · 4.0 MEDIUM
Cisco
Cisco Unified Communications Manager Administrative Web Interface Directory Traversal Vulnerability
vendor_cisco · 2013-10-11 · CVSS 4.0 · MEDIUM · CWE-22
A vulnerability in the administrative web interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to obtain the contents of arbitrary files on an affected device.
The vulnerability is due to a failure to properly sanitize user-supplied input passed to a specific function. An attacker could exploit this vulnerability by supplying a series of directory traversal characters, allowing the attacker to designate a file outside the restricted directory to be returned. An exploit could allow the attacker to obtain the contents of any file that is readable by the Apache Tomcat service account.
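The advisory describes the root cause (user input reaching a file-returning function without a containment check) but not the code. The following added example is the editor's, not Cisco's: it shows the described bug beside a hardened version of the same operation. The function names, the samples directory and the files created below are constructed assumptions, and Python stands in for the Java servlet; the containment logic (decode until stable, reject absolute paths and NUL bytes, resolve symlinks, then prove the real path is still under the base directory) is what matters.

```python
"""Vulnerable versus hardened handling of a caller-supplied fileName.

Added example by the editor, not Cisco's code: the advisory only says input
reaching "a specific function" was not sanitized, so the function names, the
samples directory and the files created below are constructed assumptions
that reproduce the described behaviour, not the real CUCM implementation.
"""
import os
import tempfile
from urllib.parse import unquote

class Forbidden(Exception):
    """Raised when the resolved path escapes the allowed directory."""

def vulnerable_read(base_dir, file_name):
    """Joins and reads with no containment check: '../' walks out of base_dir."""
    with open(os.path.join(base_dir, file_name), "rb") as fh:
        return fh.read()

def hardened_read(base_dir, file_name):
    """Decode, resolve, then prove the final real path is still inside base_dir."""
    base = os.path.realpath(base_dir)
    name = file_name
    for _ in range(3):                      # stable decode defeats %252e%252e
        decoded = unquote(name)
        if decoded == name:
            break
        name = decoded
    # NUL bytes truncate paths in C-level APIs; an absolute second argument
    # makes os.path.join discard base_dir entirely.
    if "\x00" in name or os.path.isabs(name):
        raise Forbidden(file_name)
    target = os.path.realpath(os.path.join(base, name))   # follows symlinks
    if os.path.commonpath([base, target]) != base or not os.path.isfile(target):
        raise Forbidden(file_name)
    with open(target, "rb") as fh:
        return fh.read()

def demo():
    """Build a throwaway tree and exercise both readers; returns a result map."""
    root = tempfile.mkdtemp()
    samples = os.path.join(root, "samples")
    os.makedirs(samples)
    with open(os.path.join(samples, "sample.csv"), "wb") as fh:
        fh.write(b"id,name\n1,alice\n")
    secret = os.path.join(root, "secret.txt")          # stands in for /etc/passwd
    with open(secret, "wb") as fh:
        fh.write(b"root:x:0:0:root:/root:/bin/bash\n")
    os.symlink(secret, os.path.join(samples, "link.csv"))  # in-directory symlink pointing out

    results = {"legit": hardened_read(samples, "sample.csv"),
               "vulnerable_leak": vulnerable_read(samples, "../secret.txt")}
    for attempt in ("../secret.txt", "%2e%2e/secret.txt",
                    "%252e%252e/secret.txt", "link.csv", secret):
        try:
            hardened_read(samples, attempt)
            results[attempt] = "allowed"
        except Forbidden:
            results[attempt] = "blocked"
    return results

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Stripping "../" from the string is not a substitute for this check: it misses encoded forms, leaves "...//" and similar residues behind, and does nothing about a symlink inside the allowed directory that points outside it, which is why the hardened version compares real paths after resolution rather than inspecting the input.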
Cisco has confirmed the vulnerability in a security notice and re
GHSA
GHSA-jrxj-vh2x-2cc8: Directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users
ghsa_unreviewed · 2022-05-17 · MEDIUM · CWE-22
Directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815.
No detection rules found.
Exploit-DB
Cisco Unified Communications Manager 7/8/9 - Directory Traversal
exploitdb · 2016-12-07 · CVSS 4.0 · MEDIUM
---
# Exploit Title: Cisco Unified Communications Manager Administrative Web Interface Directory traversal CVE-2013-5528
# Date: 7th December 2016
# Exploit Author: justpentest
# Vendor Homepage: https://software.cisco.com/
# Software Link: https://software.cisco.com/download/navigator.html?mdfid=268439621
# Version: Cisco Unified Communications Manager Administrative Web Interface unpatched version of 7.x, 8.x or 9.x software
# Contact: [email protected]
# CVE : CVE-2013-5528
1) Description:
Directory traversal vulnerability exists in Cisco Unified Communications Manager Administrative Web Interface CVE-2013-5528.
The vulnerability is due to a failure to properly sanitize user-supplied input passed to a specific
Nuclei
Cisco Unified Communications Manager 7/8/9 - Directory Traversal
nuclei · CVSS 4.0 · MEDIUM
A directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815
Template:
id: CVE-2013-5528

info:
  name: Cisco Unified Communications Manager 7/8/9 - Directory Traversal
  author: daffainfo
  severity: medium
  description: A directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815
  impact: |
    Successful exploitation of this vulner
References
http://osvdb.org/98336
http://packetstormsecurity.com/files/140071/Cisco-Unified-Communications-Manager-7-8-9-Directory-Traversal.html
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5528
http://www.securityfocus.com/bid/62960
https://www.exploit-db.com/exploits/40887/