Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)


Cisco Unified Communications Manager Directory Traversal Vulnerability
Severity Rating: Medium
Systems Affected:
  • Cisco Unified Communications Manager
A vulnerability has been identified in Cisco Unified Communications Manager and can be exploited by remote attackers to access files on the vulnerable system. The vulnerability exists in the web framework of Cisco Unified Communications Manager and is caused due to insufficient input validation by the affected software. This vulnerability can allow an authenticated, remote attacker to access arbitrary files in the context of the web root directory structure on an affected device. Successful exploitation of the vulnerability can allow an attacker to use directory traversal techniques to read files in the web root directory structure on the Cisco Unified Communications Manager file system.
Users are advised to apply updates.
More information about the update is available on:
CVE Information
Vendor Information
Security Tracker
Cisco Security Advisory
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis