Unrated severityNVD Advisory· Published May 21, 2009· Updated Apr 23, 2026
CVE-2009-1161
CVE-2009-1161
Description
Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.
Affected products
33cpe:2.3:a:cisco:ciscoworks_common_services:3.0.3:*:windows:*:*:*:*:*+ 6 more
- cpe:2.3:a:cisco:ciscoworks_common_services:3.0.3:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:ciscoworks_common_services:3.0.4:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:ciscoworks_common_services:3.1:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:ciscoworks_common_services:3.2:*:windows:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_health_and_utilization_monitor:1.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cisco:ciscoworks_health_and_utilization_monitor:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:ciscoworks_health_and_utilization_monitor:1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.5:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.6:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_qos_policy_manager:4.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cisco:ciscoworks_qos_policy_manager:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:ciscoworks_qos_policy_manager:4.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_voice_manager:3.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cisco:ciscoworks_voice_manager:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:ciscoworks_voice_manager:3.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:security_manager:3.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:cisco:security_manager:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:security_manager:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:security_manager:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:telepresence_readiness_assessment_manager:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_operations_manager:1.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:cisco:unified_operations_manager:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_operations_manager:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_operations_manager:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_operations_manager:2.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_provisioning_manager:1.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:cisco:unified_provisioning_manager:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_provisioning_manager:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_provisioning_manager:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_provisioning_manager:1.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_service_monitor:1.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:cisco:unified_service_monitor:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_service_monitor:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_service_monitor:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_service_monitor:2.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtmlnvdPatchVendor Advisory
- jvn.jp/en/jp/JVN62527913/index.htmlnvd
- jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.htmlnvd
- osvdb.org/54616nvd
- secunia.com/advisories/35179nvd
- securitytracker.com/idnvd
- www.securityfocus.com/bid/35040nvd
- www.vupen.com/english/advisories/2009/1390nvd
News mentions
0No linked articles in our index yet.