CVE-2013-5528 Information

Description

Directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string aka Bug ID CSCui78815.

Reference

http://osvdb.org/98336 http://packetstormsecurity.com/files/140071/Cisco-Unified-Communications-Manager-7-8-9-Directory-Traversal.html http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5528 http://www.securityfocus.com/bid/62960 https://www.exploit-db.com/exploits/40887/