Published: 06/08/2004 Updated: 11/07/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

UploadServlet in Cisco Collaboration Server (CCS) running ServletExec prior to 3.0E allows remote malicious users to upload and execute arbitrary files via a direct call to the UploadServlet URL.

Vulnerable Product	Search on Vulmon	Subscribe to Product
newatlanta servletexec 3.0
newatlanta servletexec 2.2

Cisco Collaboration Server (CCS) versions earlier than 50 ship with ServletExec versions that are vulnerable to attack where unauthorized users can upload any file and gain administrative privileges The workaround is documented in the Workaround section below Cisco has provided an automated script to remove this vulnerability from the CC ...

NVD-CWE-Other http://www.securityfocus.com/bid/10639 http://www.kb.cert.org/vuls/id/718896 http://www.cisco.com/warp/public/707/cisco-sa-20040630-CCS.shtml http://secunia.com/advisories/11979/https://exchange.xforce.ibmcloud.com/vulnerabilities/16553 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040630-CCS

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-0650

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect