Lucene search

[email protected]NVD:CVE-2014-2145

HistoryApr 05, 2014 - 4:01 a.m.

CVE-2014-2145

2014-04-0504:01:38

CWE-22

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.001

Percentile

46.6%

JSON

Directory traversal vulnerability in the messaging API in Cisco Unity Connection allows remote authenticated users to read arbitrary files via vectors related to unenforced access constraints for .wav files and the audio/x-wav MIME type, aka Bug ID CSCun91071.

Affected configurations

Nvd

Node

ciscounity_connectionMatch-

VendorProductVersionCPE
ciscounity_connection-cpe:2.3:a:cisco:unity_connection:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unity_connection	-	cpe:2.3:a:cisco:unity_connection:-:::::::*

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2145

www.securityfocus.com/bid/66676

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.001

Percentile

46.6%

JSON

Related for NVD:CVE-2014-2145

seebug1 cvelist1 cisco1 prion1 cve1