Vulnerability Name:

CVE-2013-6688 (CCN-88869)

Assigned:2013-11-13
Published:2013-11-13
Updated:2013-11-19
Summary:Directory traversal vulnerability in the license-upload interface in the Enterprise License Manager (ELM) component in Cisco Unified Communications Manager 9.1(1) and earlier allows remote authenticated users to create arbitrary files via a crafted path, aka Bug ID CSCui58222.
CVSS v3 Severity:4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availibility (A): None
CVSS v2 Severity:6.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:C/A:N)
4.7 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:C/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): Complete
Availibility (A): None
6.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:C/A:N)
4.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:C/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): Complete
Availibility (A): None
Vulnerability Type:CWE-22
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2013-6688

Source: CCN
Type: Cisco Security Notice
Cisco Enterprise License Manager Path Traversal Vulnerability

Source: CISCO
Type: Vendor Advisory
20131113 Cisco Enterprise License Manager Path Traversal Vulnerability

Source: CONFIRM
Type: Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=31759

Source: CCN
Type: OSVDB ID: 99753
Cisco Unified Communications Manager (CUCM) Enterprise License Manager (ELM) Traversal File Upload Remote Code Execution

Source: XF
Type: UNKNOWN
cisco-elm-cve20136688-dir-traversal(88869)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:cisco:unified_communications_manager:3.3(5):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:3.3(5)sr1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:3.3(5)sr2a:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.1(3):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.1(3)sr1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.1(3)sr2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.1(3)sr3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.1(3)sr4:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2.3sr1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2.3sr2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2.3sr2b:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.3(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(1b):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(1c):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(2):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(2a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(2b):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(3):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(3a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(3c):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(3d):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(3e):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.0(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.0(1a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.0(1b):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(1a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(1b):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(2):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(2)su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(2)su1a:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(3):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(3a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(3b):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(3b)su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(4):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(4)su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(4a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(4a)su2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(5):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(5)su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(5)su2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(5)su3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.0(1)su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.0(1)su1a:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.0(2):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.0(2a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.0(2a)su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.0(2a)su2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(2a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(2a)su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(2b):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(2b)su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(3):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(3a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(3a)su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(3a)su1a:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(3b):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(3b)su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(3b)su2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(5):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(5)su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(5)su1a:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(5a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(5b):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(5b)su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(5b)su1a:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(5b)su2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(5b)su3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(5b)su4:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(5b)su5:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.1(5b)su6:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.0(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.0(2):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.0(2a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.0(2b):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.0(2c):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.0(2c)su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.0(3):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.0(3a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.0(3a)su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.0(3a)su2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.0(3a)su3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.5:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.5(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.5(1)su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.5(1)su2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.5(1)su3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.5(1)su4:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.5(1)su5:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.6:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.6(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.6(1a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.6(2):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.6(2a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.6(2a)su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.6(2a)su2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.6(2a)su3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.6(3):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:8.6(4):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:9.0(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:*:*:*:*:*:*:*:* (Version <= 9.1(1))

    • * Denotes that component is vulnerable
    BACK
    cisco unified communications manager 3.3(5)
    cisco unified communications manager 3.3(5)sr1
    cisco unified communications manager 3.3(5)sr2a
    cisco unified communications manager 4.1(3)
    cisco unified communications manager 4.1(3)sr1
    cisco unified communications manager 4.1(3)sr2
    cisco unified communications manager 4.1(3)sr3
    cisco unified communications manager 4.1(3)sr4
    cisco unified communications manager 4.2
    cisco unified communications manager 4.2.1
    cisco unified communications manager 4.2.2
    cisco unified communications manager 4.2.3
    cisco unified communications manager 4.2.3sr1
    cisco unified communications manager 4.2.3sr2
    cisco unified communications manager 4.2.3sr2b
    cisco unified communications manager 4.3
    cisco unified communications manager 4.3(1)
    cisco unified communications manager 5.0
    cisco unified communications manager 5.1
    cisco unified communications manager 5.1(1)
    cisco unified communications manager 5.1(1b)
    cisco unified communications manager 5.1(1c)
    cisco unified communications manager 5.1(2)
    cisco unified communications manager 5.1(2a)
    cisco unified communications manager 5.1(2b)
    cisco unified communications manager 5.1(3)
    cisco unified communications manager 5.1(3a)
    cisco unified communications manager 5.1(3c)
    cisco unified communications manager 5.1(3d)
    cisco unified communications manager 5.1(3e)
    cisco unified communications manager 5.1.2
    cisco unified communications manager 6.0
    cisco unified communications manager 6.0(1)
    cisco unified communications manager 6.0(1a)
    cisco unified communications manager 6.0(1b)
    cisco unified communications manager 6.1(1)
    cisco unified communications manager 6.1(1a)
    cisco unified communications manager 6.1(1b)
    cisco unified communications manager 6.1(2)
    cisco unified communications manager 6.1(2)su1
    cisco unified communications manager 6.1(2)su1a
    cisco unified communications manager 6.1(3)
    cisco unified communications manager 6.1(3a)
    cisco unified communications manager 6.1(3b)
    cisco unified communications manager 6.1(3b)su1
    cisco unified communications manager 6.1(4)
    cisco unified communications manager 6.1(4)su1
    cisco unified communications manager 6.1(4a)
    cisco unified communications manager 6.1(4a)su2
    cisco unified communications manager 6.1(5)
    cisco unified communications manager 6.1(5)su1
    cisco unified communications manager 6.1(5)su2
    cisco unified communications manager 6.1(5)su3
    cisco unified communications manager 7.0(1)su1
    cisco unified communications manager 7.0(1)su1a
    cisco unified communications manager 7.0(2)
    cisco unified communications manager 7.0(2a)
    cisco unified communications manager 7.0(2a)su1
    cisco unified communications manager 7.0(2a)su2
    cisco unified communications manager 7.1(2a)
    cisco unified communications manager 7.1(2a)su1
    cisco unified communications manager 7.1(2b)
    cisco unified communications manager 7.1(2b)su1
    cisco unified communications manager 7.1(3)
    cisco unified communications manager 7.1(3a)
    cisco unified communications manager 7.1(3a)su1
    cisco unified communications manager 7.1(3a)su1a
    cisco unified communications manager 7.1(3b)
    cisco unified communications manager 7.1(3b)su1
    cisco unified communications manager 7.1(3b)su2
    cisco unified communications manager 7.1(5)
    cisco unified communications manager 7.1(5)su1
    cisco unified communications manager 7.1(5)su1a
    cisco unified communications manager 7.1(5a)
    cisco unified communications manager 7.1(5b)
    cisco unified communications manager 7.1(5b)su1
    cisco unified communications manager 7.1(5b)su1a
    cisco unified communications manager 7.1(5b)su2
    cisco unified communications manager 7.1(5b)su3
    cisco unified communications manager 7.1(5b)su4
    cisco unified communications manager 7.1(5b)su5
    cisco unified communications manager 7.1(5b)su6
    cisco unified communications manager 8.0
    cisco unified communications manager 8.0(1)
    cisco unified communications manager 8.0(2)
    cisco unified communications manager 8.0(2a)
    cisco unified communications manager 8.0(2b)
    cisco unified communications manager 8.0(2c)
    cisco unified communications manager 8.0(2c)su1
    cisco unified communications manager 8.0(3)
    cisco unified communications manager 8.0(3a)
    cisco unified communications manager 8.0(3a)su1
    cisco unified communications manager 8.0(3a)su2
    cisco unified communications manager 8.0(3a)su3
    cisco unified communications manager 8.5
    cisco unified communications manager 8.5(1)
    cisco unified communications manager 8.5(1)su1
    cisco unified communications manager 8.5(1)su2
    cisco unified communications manager 8.5(1)su3
    cisco unified communications manager 8.5(1)su4
    cisco unified communications manager 8.5(1)su5
    cisco unified communications manager 8.6
    cisco unified communications manager 8.6(1)
    cisco unified communications manager 8.6(1a)
    cisco unified communications manager 8.6(2)
    cisco unified communications manager 8.6(2a)
    cisco unified communications manager 8.6(2a)su1
    cisco unified communications manager 8.6(2a)su2
    cisco unified communications manager 8.6(2a)su3
    cisco unified communications manager 8.6(3)
    cisco unified communications manager 8.6(4)
    cisco unified communications manager 9.0(1)
    cisco unified communications manager *