Directory traversal vulnerability in multiple Cisco Systems products


Multiple products provided by Cisco Systems contain a directory traversal vulnerablility.

Multiple Cisco Systems products are vulnerable to directory traversal due to an issue in CiscoWorks Common Services.

Jun Okada of NTT DATA SECURITY CORPORATION reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 10.0 (High) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Complete
  • Integrity Impact: Complete
  • Availability Impact: Complete
Affected Products

Cisco Systems, Inc.
  • CiscoWorks Common Services (CWCS) 3.0.x
  • CiscoWorks Common Services (CWCS) 3.1.x
  • CiscoWorks Common Services (CWCS) 3.2.x


A remote attacker could view or alter files on the target server.

[Update the software]
Update to the latest version of CiscoWorks Common Services according the information provided by the vendor.

As a workaround to this vulnerability, disable the TFTP service until the software is updated.
Vendor Information

Cisco Systems, Inc.
CWE (What is CWE?)

  1. Path Traversal(CWE-22) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2009-1161

  1. JVN : JVN#62527913
  2. National Vulnerability Database (NVD) : CVE-2009-1161
  3. IPA SECURITY ALERTS : Security Alert for Vulnerability in Multiple Cisco Systems Products
  4. SecurityFocus : 35040
  5. SecurityTracker : 1022263
  6. JVN iPedia (Japanese) : JVNDB-2009-000032
Revision History

  • [2009/05/29]
      Web page published