CVE-2009-1161

critical Cisco
CVSS v3 Base Score
10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
1.4%
Exploitation probability in 30 days
Top 19% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: May 21, 2009 (6201 days ago)
Last Modified: April 23, 2026
Vendor: Cisco
Source: NVD

Description

Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.

CWE

CWE-22

Affected Products

cisco ciscoworks common servicescisco ciscoworks health and utilization monitorcisco ciscoworks lan management solutioncisco ciscoworks qos policy managercisco ciscoworks voice managercisco security managercisco telepresence readiness assessment managercisco unified operations managercisco unified provisioning managercisco unified service monitor

References

🔗 jvn.jp 🔗 jvndb.jvn.jp 🔗 osvdb.org 🔗 secunia.com 🔗 securitytracker.com