CVE-2011-3315 Scanner
Detects 'Directory Traversal' vulnerability in Cisco Unified Communications Manager (CUCM), Cisco Unified Contact Center Express (aka Unified CCX or UCCX), Cisco Unified IP Interactive Voice Response (Unified IP-IVR) affects v. (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Unified CCX and Unified IP-IVR before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2.
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Scan only one
Url
Toolbox
-
Cisco Unified Communications Manager (CUCM), Cisco Unified Contact Center Express (aka Unified CCX or UCCX), and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) are all communication solutions offered by Cisco for businesses. These systems allow for flexible and efficient communication between employees, customers, and clients. CUCM, in particular, is used for call routing, collaboration, and video communications, while UCCX is primarily used for customer service and contact routing. Unified IP-IVR is commonly used for automated telephone menus and self-service applications.
CVE-2011-3315 is a vulnerability detected in these Cisco communication solutions. This directory traversal vulnerability allows remote attackers to read arbitrary files as a result of a crafted URL. This specific vulnerability was found in CUCM 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), as well as Unified CCX and Unified IP-IVR before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2.
When exploited, CVE-2011-3315 can lead to remote attackers being able to access sensitive files on the affected system. This can include confidential data such as login credentials, personal information, financial data, and other sensitive information. In addition, the attackers may be able to infiltrate and cause damage to the system, potentially even taking control of the affected devices.
Thanks to the pro features of the securityforeveryone.com platform, readers of this article can easily and quickly learn about vulnerabilities in these communication solutions and take steps to protect themselves from potential threats. By staying up-to-date on the latest security trends and vulnerabilities, businesses can ensure that their communication systems remain secure and their sensitive data is protected from unauthorized access.
REFERENCES
control security posture