Lucene search
CiscoCVE-2014-2145HistoryApr 05, 2014 - 4:01 a.m.
CVE-2014-2145
2014-04-0504:01:38
CWE-22
cisco
web.nvd.nist.gov
30
cisco unity connection
directory traversal vulnerability
messaging api
remote authenticated users
unenforced access constraints
.wav files
audio/x-wav mime type
cve-2014-2145
nvd
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
6.4
Confidence
Low
EPSS
0.001
Percentile
46.6%
Directory traversal vulnerability in the messaging API in Cisco Unity Connection allows remote authenticated users to read arbitrary files via vectors related to unenforced access constraints for .wav files and the audio/x-wav MIME type, aka Bug ID CSCun91071.
Affected configurations
Node
ciscounity_connectionMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | unity_connection | - | cpe:2.3:a:cisco:unity_connection:-:*:*:*:*:*:*:* |
Related
seebug
seebug
Cisco Unity Connection็ฎๅฝ้ๅๆผๆด
2014-04-09 00:00:00
nvd
nvd
CVE-2014-2145
2014-04-05 04:01:38
cisco
cisco
Cisco Unity Connection Directory Traversal Vulnerability
2014-04-07 16:02:07
cvelist
cvelist
CVE-2014-2145
2014-04-05 01:00:00
prion
prion
Directory traversal
2014-04-05 04:01:00
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
6.4
Confidence
Low
EPSS
0.001
Percentile
46.6%
Related for CVE-2014-2145