Lucene search

CiscoCVE-2014-7988

HistoryNov 07, 2014 - 11:55 a.m.

CVE-2014-7988

2014-11-0711:55:03

CWE-200

cisco

web.nvd.nist.gov

cve-2014-7988

cisco unity connection

ums

bug id cscur06493

information security

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

5.9

Confidence

Low

EPSS

0.002

Percentile

56.3%

JSON

The Unified Messaging Service (UMS) in Cisco Unity Connection 10.5 and earlier allows remote authenticated users to obtain sensitive information by reading log files, aka Bug ID CSCur06493.

Affected configurations

Nvd

Node

ciscounity_connectionRange≤10.5

VendorProductVersionCPE
ciscounity_connection*cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unity_connection	*	cpe:2.3:a:cisco:unity_connection::::::::

References

secunia.com/advisories/62106

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-7988

tools.cisco.com/security/center/viewAlert.x?alertId=36340

www.securitytracker.com/id/1031177

exchange.xforce.ibmcloud.com/vulnerabilities/98493

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

5.9

Confidence

Low

EPSS

0.002

Percentile

56.3%

JSON

Related for CVE-2014-7988