CVE-2013-5528
published 2013-10-11

Priority: P3 (39, medium)
CVSS 2.0: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)
Exploit: EPSS 23.31% (97.5th percentile)
Directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815.

Detection & IOCs (extracted from sources)

url: /ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=../../../../../../../../../../../../../../../../etc/passwd
path: /ccmadmin/bulkvivewfilecontents.do
  • Look for GET requests to /ccmadmin/bulkvivewfilecontents.do containing directory traversal sequences (../../../../) in the fileName parameter, particularly targeting /etc/passwd or other sensitive files.
  • Successful exploitation returns file contents readable by the Apache Tomcat service account; a response body matching root:.*:0:0: indicates /etc/passwd was read.
  • The attack requires prior authentication; monitor for authenticated sessions issuing traversal-laden requests to the Tomcat administrative web interface.
  • Vulnerability affects only unpatched Cisco Unified Communications Manager versions 7.x, 8.x, and 9.x; fixed in versions 9.1.2, 10.5.2, and 11.5.x.
  • Exploitation requires the attacker to be authenticated to the targeted device, reducing the likelihood of unauthenticated mass exploitation.
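The detection points above, worked into a small log scanner. This is an added example, not code from the page or from Cisco: it assumes Tomcat access logs in Apache combined-log format, the sample lines below are constructed for the example, and the function names are the example's own. It flags requests to the vulnerable endpoint whose fileName parameter decodes to a directory traversal sequence (URL-encoded variants included), records whether the session was authenticated, and separately checks a response body for the root:.*:0:0: marker that indicates /etc/passwd was read.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (Apache combined-log style) for this
# example only; not log data from the page or from any real system.
SAMPLE_LOG = """\
10.0.0.5 - admin [11/Oct/2013:10:01:02 +0000] "GET /ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=report.csv HTTP/1.1" 200 512
10.0.0.9 - admin [11/Oct/2013:10:02:15 +0000] "GET /ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=../../../../../../../../etc/passwd HTTP/1.1" 200 1833
10.0.0.9 - admin [11/Oct/2013:10:02:40 +0000] "GET /ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=..%2F..%2F..%2Fetc%2Fshadow HTTP/1.1" 200 0
10.0.0.7 - - [11/Oct/2013:10:03:00 +0000] "GET /ccmadmin/showHome.do HTTP/1.1" 200 2048
"""

# Combined-log fields used here: client, authenticated user, timestamp,
# method, request target, status and response size.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# The vulnerable endpoint named in the IOCs above.
VULN_PATH = "/ccmadmin/bulkvivewfilecontents.do"

# A parent-directory step with either separator, checked after URL decoding.
TRAVERSAL_RE = re.compile(r"(^|[\\/])\.\.([\\/]|$)")

# Marker from the detection note: a root entry with uid 0 / gid 0.
PASSWD_MARKER_RE = re.compile(r"root:.*:0:0:")


def is_traversal(value: str) -> bool:
    """True if the value, after URL decoding, contains a '..' path step."""
    return TRAVERSAL_RE.search(unquote(value)) is not None


def looks_like_passwd(body: str) -> bool:
    """True if a response body carries the /etc/passwd root-entry marker."""
    return PASSWD_MARKER_RE.search(body) is not None


def parse_line(line: str):
    """Parse one combined-log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_traversal_requests(log_text: str):
    """Return one alert per request to VULN_PATH whose fileName parameter
    contains a traversal sequence. 'authenticated' reflects the log's
    user field, since this bug is only reachable by authenticated users."""
    alerts = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        url = urlsplit(rec["target"])
        if url.path != VULN_PATH:
            continue
        # parse_qs decodes one layer of URL encoding; is_traversal decodes
        # once more so a double-encoded step is still caught.
        params = parse_qs(url.query, keep_blank_values=True)
        for name in params.get("fileName", []):
            if is_traversal(name):
                alerts.append({
                    "client": rec["client"],
                    "user": rec["user"],
                    "status": int(rec["status"]),
                    "fileName": unquote(name),
                    "authenticated": rec["user"] != "-",
                })
    return alerts


if __name__ == "__main__":
    for a in find_traversal_requests(SAMPLE_LOG):
        print(a)
```

Pair the request-side alerts with the response-body check where a proxy or WAF retains bodies: a status 200 on the flagged request together with looks_like_passwd() on the body is the strongest signal that the read succeeded.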

CVSS provenance

nvd: v2.0 4.0 MEDIUM AV:N/AC:L/Au:S/C:P/I:N/A:N
vendor_cisco: 4.0 MEDIUM