Unrated severityNVD Advisory· Published May 9, 2013· Updated Apr 29, 2026

CVE-2013-1222

Description

The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to launch arbitrary custom web applications via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38379.

Affected products

Cisco Systems, Inc./Unified Customer Voice Portal13 versions
cpe:2.3:a:cisco:unified_customer_voice_portal:*:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:cisco:unified_customer_voice_portal:*:*:*:*:*:*:*:*range: <=9.0\(1\)
- cpe:2.3:a:cisco:unified_customer_voice_portal:3.0:sr1:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_customer_voice_portal:3.0:sr2:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_customer_voice_portal:3.6\(10\):es01:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_customer_voice_portal:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_customer_voice_portal:4.0\(2\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_customer_voice_portal:4.0\(2\):sr1:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_customer_voice_portal:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_customer_voice_portal:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_customer_voice_portal:7.0\(2\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_customer_voice_portal:8.0\(1\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_customer_voice_portal:8.5\(1\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_customer_voice_portal:9.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130508-cvpnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000