What is CVE-2011-3315?

CVE-2011-3315 is a vulnerability in Cisco Unified_ccx, classified under Path Traversal. Published 2011-10-27.

Is CVE-2011-3315 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Cisco Unified_ccx

CVE-2011-3315

Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unifi…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.511 (97.9th percentile) — read the EPSS interpretation.

Affected products

Cisco Unified_ccx — versions 6.0\(1\), 7.0\(1\), 7.0\(2\)
Cisco Unified_communications_manager — versions 5.0, 5.1, 5.1\(1\)
Cisco Unified_ip_interactive_voice_response
Cisco Unified_ip_ivr — versions 6.0\(1\), 7.0\(1\), 7.0\(2\)
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

References

20111026 Cisco Unified Communications Manager Directory Traversal Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
20111026 Cisco Unified Contact Center Express Directory Traversal Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)

Frequently asked questions

What is CVE-2011-3315?: CVE-2011-3315 is a vulnerability in Cisco Unified_ccx, classified under Path Traversal. Published 2011-10-27.
Is CVE-2011-3315 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.