Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for customer_response_applications by cisco

    CVE-2009-2048 (GCVE-0-2009-2048)

    Vulnerability from nvd – Published: 2009-07-16 15:00 – Updated: 2024-08-07 05:36
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id?1022569 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/35861 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/55937 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2009/1913 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/35705 vdb-entryx_refsource_BID
    http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
    Date Public
    2009-07-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:36:20.948Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1022569",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1022569"
              },
              {
                "name": "unified-ccx-interface-xss(51730)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
              },
              {
                "name": "35861",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35861"
              },
              {
                "name": "55937",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/55937"
              },
              {
                "name": "ADV-2009-1913",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/1913"
              },
              {
                "name": "35705",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/35705"
              },
              {
                "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-07-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "1022569",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1022569"
            },
            {
              "name": "unified-ccx-interface-xss(51730)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
            },
            {
              "name": "35861",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35861"
            },
            {
              "name": "55937",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/55937"
            },
            {
              "name": "ADV-2009-1913",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/1913"
            },
            {
              "name": "35705",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/35705"
            },
            {
              "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2009-2048",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1022569",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1022569"
                },
                {
                  "name": "unified-ccx-interface-xss(51730)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
                },
                {
                  "name": "35861",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35861"
                },
                {
                  "name": "55937",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/55937"
                },
                {
                  "name": "ADV-2009-1913",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/1913"
                },
                {
                  "name": "35705",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/35705"
                },
                {
                  "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2009-2048",
        "datePublished": "2009-07-16T15:00:00.000Z",
        "dateReserved": "2009-06-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:36:20.948Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-2047 (GCVE-0-2009-2047)

    Vulnerability from nvd – Published: 2009-07-16 15:00 – Updated: 2024-08-07 05:36
    VLAI
    Summary
    Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id?1022569 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/35861 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/35706 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2009/1913 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
    http://osvdb.org/55936 vdb-entryx_refsource_OSVDB
    Date Public
    2009-07-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:36:20.764Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1022569",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1022569"
              },
              {
                "name": "35861",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35861"
              },
              {
                "name": "35706",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/35706"
              },
              {
                "name": "ADV-2009-1913",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/1913"
              },
              {
                "name": "unified-ccx-interface-directory-traversal(51731)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
              },
              {
                "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
              },
              {
                "name": "55936",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/55936"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-07-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "1022569",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1022569"
            },
            {
              "name": "35861",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35861"
            },
            {
              "name": "35706",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/35706"
            },
            {
              "name": "ADV-2009-1913",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/1913"
            },
            {
              "name": "unified-ccx-interface-directory-traversal(51731)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
            },
            {
              "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
            },
            {
              "name": "55936",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/55936"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2009-2047",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1022569",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1022569"
                },
                {
                  "name": "35861",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35861"
                },
                {
                  "name": "35706",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/35706"
                },
                {
                  "name": "ADV-2009-1913",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/1913"
                },
                {
                  "name": "unified-ccx-interface-directory-traversal(51731)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
                },
                {
                  "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
                },
                {
                  "name": "55936",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/55936"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2009-2047",
        "datePublished": "2009-07-16T15:00:00.000Z",
        "dateReserved": "2009-06-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:36:20.764Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-2047 (GCVE-0-2009-2047)

    Vulnerability from cvelistv5 – Published: 2009-07-16 15:00 – Updated: 2024-08-07 05:36
    VLAI
    Summary
    Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id?1022569 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/35861 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/35706 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2009/1913 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
    http://osvdb.org/55936 vdb-entryx_refsource_OSVDB
    Date Public
    2009-07-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:36:20.764Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1022569",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1022569"
              },
              {
                "name": "35861",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35861"
              },
              {
                "name": "35706",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/35706"
              },
              {
                "name": "ADV-2009-1913",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/1913"
              },
              {
                "name": "unified-ccx-interface-directory-traversal(51731)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
              },
              {
                "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
              },
              {
                "name": "55936",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/55936"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-07-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "1022569",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1022569"
            },
            {
              "name": "35861",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35861"
            },
            {
              "name": "35706",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/35706"
            },
            {
              "name": "ADV-2009-1913",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/1913"
            },
            {
              "name": "unified-ccx-interface-directory-traversal(51731)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
            },
            {
              "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
            },
            {
              "name": "55936",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/55936"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2009-2047",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1022569",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1022569"
                },
                {
                  "name": "35861",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35861"
                },
                {
                  "name": "35706",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/35706"
                },
                {
                  "name": "ADV-2009-1913",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/1913"
                },
                {
                  "name": "unified-ccx-interface-directory-traversal(51731)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51731"
                },
                {
                  "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
                },
                {
                  "name": "55936",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/55936"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2009-2047",
        "datePublished": "2009-07-16T15:00:00.000Z",
        "dateReserved": "2009-06-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:36:20.764Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-2048 (GCVE-0-2009-2048)

    Vulnerability from cvelistv5 – Published: 2009-07-16 15:00 – Updated: 2024-08-07 05:36
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id?1022569 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/35861 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/55937 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2009/1913 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/35705 vdb-entryx_refsource_BID
    http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
    Date Public
    2009-07-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:36:20.948Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1022569",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1022569"
              },
              {
                "name": "unified-ccx-interface-xss(51730)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
              },
              {
                "name": "35861",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35861"
              },
              {
                "name": "55937",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/55937"
              },
              {
                "name": "ADV-2009-1913",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/1913"
              },
              {
                "name": "35705",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/35705"
              },
              {
                "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-07-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "1022569",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1022569"
            },
            {
              "name": "unified-ccx-interface-xss(51730)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
            },
            {
              "name": "35861",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35861"
            },
            {
              "name": "55937",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/55937"
            },
            {
              "name": "ADV-2009-1913",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/1913"
            },
            {
              "name": "35705",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/35705"
            },
            {
              "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2009-2048",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1022569",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1022569"
                },
                {
                  "name": "unified-ccx-interface-xss(51730)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51730"
                },
                {
                  "name": "35861",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35861"
                },
                {
                  "name": "55937",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/55937"
                },
                {
                  "name": "ADV-2009-1913",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/1913"
                },
                {
                  "name": "35705",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/35705"
                },
                {
                  "name": "20090715 Vulnerabilities in Unified Contact Center Express Administration Pages",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2009-2048",
        "datePublished": "2009-07-16T15:00:00.000Z",
        "dateReserved": "2009-06-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:36:20.948Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }