Vulnerability-Lookup

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

CVE-2009-2048 (GCVE-0-2009-2048)

Vulnerability from nvd – Published: 2009-07-16 15:00 – Updated: 2024-08-07 05:36

Summary

Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

cisco

References

URL

Tags

	http://www.securitytracker.com/id?1022569	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/35861	third-party-advisoryx_refsource_SECUNIA
	http://osvdb.org/55937	vdb-entryx_refsource_OSVDB
	http://www.vupen.com/english/advisories/2009/1913	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/35705	vdb-entryx_refsource_BID
	http://www.cisco.com/en/US/products/products_secu…	vendor-advisoryx_refsource_CISCO

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:36:20.948Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1022569",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022569"
          },
          {
            "name": "unified-ccx-interface-xss(51730)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
          },
          {
            "name": "35861",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35861"
          },
          {
            "name": "55937",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/55937"
          },
          {
            "name": "ADV-2009-1913",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1913"
          },
          {
            "name": "35705",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35705"
          },
          {
            "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-07-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1022569",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022569"
        },
        {
          "name": "unified-ccx-interface-xss(51730)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
        },
        {
          "name": "35861",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35861"
        },
        {
          "name": "55937",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/55937"
        },
        {
          "name": "ADV-2009-1913",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1913"
        },
        {
          "name": "35705",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35705"
        },
        {
          "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-2048",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1022569",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022569"
            },
            {
              "name": "unified-ccx-interface-xss(51730)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
            },
            {
              "name": "35861",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35861"
            },
            {
              "name": "55937",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/55937"
            },
            {
              "name": "ADV-2009-1913",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1913"
            },
            {
              "name": "35705",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35705"
            },
            {
              "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-2048",
    "datePublished": "2009-07-16T15:00:00",
    "dateReserved": "2009-06-12T00:00:00",
    "dateUpdated": "2024-08-07T05:36:20.948Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-2047 (GCVE-0-2009-2047)

Vulnerability from nvd – Published: 2009-07-16 15:00 – Updated: 2024-08-07 05:36

Summary

Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

cisco

References

URL

Tags

	http://www.securitytracker.com/id?1022569	vdb-entryx_refsource_SECTRACK
	http://secunia.com/advisories/35861	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/35706	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2009/1913	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.cisco.com/en/US/products/products_secu…	vendor-advisoryx_refsource_CISCO
	http://osvdb.org/55936	vdb-entryx_refsource_OSVDB

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:36:20.764Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1022569",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022569"
          },
          {
            "name": "35861",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35861"
          },
          {
            "name": "35706",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35706"
          },
          {
            "name": "ADV-2009-1913",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1913"
          },
          {
            "name": "unified-ccx-interface-directory-traversal(51731)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
          },
          {
            "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
          },
          {
            "name": "55936",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/55936"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-07-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1022569",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022569"
        },
        {
          "name": "35861",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35861"
        },
        {
          "name": "35706",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35706"
        },
        {
          "name": "ADV-2009-1913",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1913"
        },
        {
          "name": "unified-ccx-interface-directory-traversal(51731)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
        },
        {
          "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
        },
        {
          "name": "55936",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/55936"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-2047",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1022569",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022569"
            },
            {
              "name": "35861",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35861"
            },
            {
              "name": "35706",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35706"
            },
            {
              "name": "ADV-2009-1913",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1913"
            },
            {
              "name": "unified-ccx-interface-directory-traversal(51731)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
            },
            {
              "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
            },
            {
              "name": "55936",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/55936"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-2047",
    "datePublished": "2009-07-16T15:00:00",
    "dateReserved": "2009-06-12T00:00:00",
    "dateUpdated": "2024-08-07T05:36:20.764Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-2047 (GCVE-0-2009-2047)

Vulnerability from cvelistv5 – Published: 2009-07-16 15:00 – Updated: 2024-08-07 05:36

Summary

Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

cisco

References

URL

Tags

	http://www.securitytracker.com/id?1022569	vdb-entryx_refsource_SECTRACK
	http://secunia.com/advisories/35861	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/35706	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2009/1913	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.cisco.com/en/US/products/products_secu…	vendor-advisoryx_refsource_CISCO
	http://osvdb.org/55936	vdb-entryx_refsource_OSVDB

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:36:20.764Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1022569",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022569"
          },
          {
            "name": "35861",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35861"
          },
          {
            "name": "35706",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35706"
          },
          {
            "name": "ADV-2009-1913",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1913"
          },
          {
            "name": "unified-ccx-interface-directory-traversal(51731)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
          },
          {
            "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
          },
          {
            "name": "55936",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/55936"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-07-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1022569",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022569"
        },
        {
          "name": "35861",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35861"
        },
        {
          "name": "35706",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35706"
        },
        {
          "name": "ADV-2009-1913",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1913"
        },
        {
          "name": "unified-ccx-interface-directory-traversal(51731)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
        },
        {
          "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
        },
        {
          "name": "55936",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/55936"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-2047",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1022569",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022569"
            },
            {
              "name": "35861",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35861"
            },
            {
              "name": "35706",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35706"
            },
            {
              "name": "ADV-2009-1913",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1913"
            },
            {
              "name": "unified-ccx-interface-directory-traversal(51731)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
            },
            {
              "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
            },
            {
              "name": "55936",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/55936"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-2047",
    "datePublished": "2009-07-16T15:00:00",
    "dateReserved": "2009-06-12T00:00:00",
    "dateUpdated": "2024-08-07T05:36:20.764Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-2048 (GCVE-0-2009-2048)

Vulnerability from cvelistv5 – Published: 2009-07-16 15:00 – Updated: 2024-08-07 05:36

Summary

Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

cisco

References

URL

Tags

	http://www.securitytracker.com/id?1022569	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/35861	third-party-advisoryx_refsource_SECUNIA
	http://osvdb.org/55937	vdb-entryx_refsource_OSVDB
	http://www.vupen.com/english/advisories/2009/1913	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/35705	vdb-entryx_refsource_BID
	http://www.cisco.com/en/US/products/products_secu…	vendor-advisoryx_refsource_CISCO

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:36:20.948Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1022569",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022569"
          },
          {
            "name": "unified-ccx-interface-xss(51730)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
          },
          {
            "name": "35861",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35861"
          },
          {
            "name": "55937",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/55937"
          },
          {
            "name": "ADV-2009-1913",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1913"
          },
          {
            "name": "35705",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35705"
          },
          {
            "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-07-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1022569",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022569"
        },
        {
          "name": "unified-ccx-interface-xss(51730)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
        },
        {
          "name": "35861",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35861"
        },
        {
          "name": "55937",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/55937"
        },
        {
          "name": "ADV-2009-1913",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1913"
        },
        {
          "name": "35705",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35705"
        },
        {
          "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-2048",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1022569",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022569"
            },
            {
              "name": "unified-ccx-interface-xss(51730)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
            },
            {
              "name": "35861",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35861"
            },
            {
              "name": "55937",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/55937"
            },
            {
              "name": "ADV-2009-1913",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1913"
            },
            {
              "name": "35705",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35705"
            },
            {
              "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-2048",
    "datePublished": "2009-07-16T15:00:00",
    "dateReserved": "2009-06-12T00:00:00",
    "dateUpdated": "2024-08-07T05:36:20.948Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

4 vulnerabilities found for customer_response_applications by cisco

CVE-2009-2048 (GCVE-0-2009-2048)

CVE-2009-2047 (GCVE-0-2009-2047)

CVE-2009-2047 (GCVE-0-2009-2047)

CVE-2009-2048 (GCVE-0-2009-2048)