CVE-2013-6689 — MEDIUM (6.9)

Q: How severe is CVE-2013-6689?

CVE-2013-6689 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2013-6689?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Communications Manager.

Vulnerability Description

Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier allows local users to bypass file permissions, and read, modify, or create arbitrary files, via an "overload" of the command-line utility, aka Bug ID CSCui58229.

CVSS Score

6.9

MEDIUM

AV:L/AC:M/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Cisco	Unified Communications Manager	<= 9.1\(1\)

Related Weaknesses (CWE)

CWE-20

References

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6689Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=31758Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6689Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=31758Vendor Advisory

FAQ

What is CVE-2013-6689?

CVE-2013-6689 is a vulnerability with a CVSS score of 6.9 (MEDIUM). Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier allows local users to bypass file permissions, and read, modify, or create arbitrary files, via an "overload" of the command-line u...

How severe is CVE-2013-6689?

CVE-2013-6689 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-6689?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Communications Manager.