First published: Mon Aug 11 2014(Updated: )
The server in Cisco Unity Connection 9.1(1) and 9.1(2) allows remote authenticated users to obtain privileged access by conducting an "HTTP Intercept" attack and leveraging the ability to read files within the context of the web-server user account, aka Bug ID CSCup41014.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Unity Connection | =9.1\(1\) | |
Cisco Unity Connection | =9.1\(2\) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.