CVE-2008-3814
First published: Wed Oct 08 2008(Updated: )
Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to bypass authentication and read or modify system configuration parameters by going to a specific link more than once.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unity Server | =5.0 | |
| Cisco Unity Server | =4.0 | |
| Cisco Unity Server | =7.0\(2\) | |
| Cisco Unity Server | =4.0\(4\)-sr1 | |
| Cisco Unity Server | =5.0\(1\) | |
| Cisco Unity Server | =4.0\(3\) | |
| Cisco Unity Server | =4.1\(1\) | |
| Cisco Unity Server | =4.0\(2\) | |
| Cisco Unity Server | =4.0\(5\) | |
| Cisco Unity Server | =4.2\(1\) | |
| Cisco Unity Server | =4.0\(4\) | |
| Cisco Unity Server | =4.0\(3\)-sr1 | |
| Cisco Unity Server | =7.0 | |
| Cisco Unity Server | =4.0\(1\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0d85f.shtml
- http://www.securityfocus.com/bid/31642
- http://www.cisco.com/en/US/products/products_security_response09186a0080a0d861.html
- http://www.voipshield.com/research-details.php?id=126
- http://secunia.com/advisories/32187
- http://www.securitytracker.com/id?1021011
- http://www.securityfocus.com/bid/31638
- http://www.vupen.com/english/advisories/2008/2771
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45741
- agent/type
- agent/softwarecombine
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/cisco
- canonical/cisco unity server
- version/cisco unity server/5.0
- version/cisco unity server/4.0
- version/cisco unity server/7.0\(2\)
- version/cisco unity server/4.0\(4\)-sr1
- version/cisco unity server/5.0\(1\)
- version/cisco unity server/4.0\(3\)
- version/cisco unity server/4.1\(1\)
- version/cisco unity server/4.0\(2\)
- version/cisco unity server/4.0\(5\)
- version/cisco unity server/4.2\(1\)
- version/cisco unity server/4.0\(4\)
- version/cisco unity server/4.0\(3\)-sr1
- version/cisco unity server/7.0
- version/cisco unity server/4.0\(1\)