CVE-2013-6688

Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager versions 9.1(1) and earlier

Description A directory traversal issue exists in the license-upload interface of the Enterprise License Manager (ELM) component, allowing remote authenticated users to create arbitrary files by providing a crafted path.

Recommendations For versions 9.1(1) and earlier, update to a version later than 9.1(1) to resolve the issue. As a temporary workaround, consider restricting access to the license-upload interface in the ELM component to minimize the risk of exploitation.