The server in Cisco Unity Connection 9.1(1) and 9.1(2) allows remote authenticated users to obtain privileged access by conducting an "HTTP Intercept" attack and leveraging the ability to read files within the context of the web-server user account, aka Bug ID CSCup41014.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2014-08-11 20:55
Updated : 2024-02-28 12:20
NVD link : CVE-2014-3333
Mitre link : CVE-2014-3333
CVE.ORG link : CVE-2014-3333
JSON object : View
Products Affected
cisco
- unity_connection
CWE
CWE-264
Permissions, Privileges, and Access Controls