CVE-2013-1221

critical Cisco
CVSS v3 Base Score
10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
5.0%
Exploitation probability in 30 days
Top 10% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: May 9, 2013 (4753 days ago)
Last Modified: April 29, 2026
Vendor: Cisco
Source: NVD

Description

The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute arbitrary code via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38384.

CWE

CWE-16

Affected Products

cisco unified customer voice portal

References

🔗 tools.cisco.com 🔗 tools.cisco.com