CVE-2010-1577 — HIGH (7.8) — White Hats Nepal

Vulnerability Description

Directory traversal vulnerability in Cisco Internet Streamer, as used in Cisco Content Delivery System (CDS) 2.2.x, 2.3.x, 2.4.x, and 2.5.x before 2.5.7 allows remote attackers to read arbitrary files via a crafted URL.

CVSS Score

7.8

HIGH

AV:N/AC:L/Au:N/C:C/I:N/A:N

Confidentiality

COMPLETE

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Cisco	Internet Streamer	2.2\(1\)
Cisco	Content Delivery System	All versions

Related Weaknesses (CWE)

CWE-22

References

http://osvdb.org/66508
http://secunia.com/advisories/40701Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3bd1c.sPatchVendor Advisory
http://www.securitytracker.com/id?1024234
http://www.vupen.com/english/advisories/2010/1881Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/60567
http://osvdb.org/66508
http://secunia.com/advisories/40701Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3bd1c.sPatchVendor Advisory
http://www.securitytracker.com/id?1024234
http://www.vupen.com/english/advisories/2010/1881Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/60567

FAQ

What is CVE-2010-1577?

CVE-2010-1577 is a vulnerability with a CVSS score of 7.8 (HIGH). Directory traversal vulnerability in Cisco Internet Streamer, as used in Cisco Content Delivery System (CDS) 2.2.x, 2.3.x, 2.4.x, and 2.5.x before 2.5.7 allows remote attackers to read arbitrary files...

How severe is CVE-2010-1577?

CVE-2010-1577 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2010-1577?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Internet Streamer, Cisco Content Delivery System.