CVE-2010-1571

Name of the Vulnerable Software and Affected Versions Cisco Unified Contact Center Express (UCCX) versions 5.0 through 5.0(2)SR3 Cisco Unified Contact Center Express (UCCX) versions 6.0 Cisco Unified Contact Center Express (UCCX) versions 7.0 through 7.0(1)SR4 Cisco Unified Contact Center Express (UCCX) version 7.0(2)

Description A directory traversal issue in the bootstrap service allows remote attackers to read arbitrary files via a crafted bootstrap message to TCP port 6295.

Recommendations For Cisco Unified Contact Center Express (UCCX) versions 5.0 through 5.0(2)SR3, update to version 5.0(2)SR3 or later. For Cisco Unified Contact Center Express (UCCX) versions 6.0, update to a version that is not affected by this issue. For Cisco Unified Contact Center Express (UCCX) versions 7.0 through 7.0(1)SR4, update to version 7.0(1)SR4 or later. For Cisco Unified Contact Center Express (UCCX) version 7.0(2), update to a version that is not affected by this issue.