Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The log viewer in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly validate an unspecified parameter, which allows remote attackers to read arbitrary files via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38372.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco Unified Customer Voice Portal Log Viewer 任意文件访问漏洞
Vulnerability Description
Cisco Unified Customer Voice Portal(CVP)是美国思科(Cisco)公司的一套用于提供语音和视频自助服务的统一通信系统。 Cisco Unified Customer Voice Portal (CVP) Software 9.0.1 ES 11之前的版本中的日志查看器中存在漏洞,该漏洞源于程序没有正确地校验未明参数。远程攻击者可通过特制的HTTP或HTTPS请求利用该漏洞读取任意文件。
CVSS Information
N/A
Vulnerability Type
N/A