Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2014-3333

The server in Cisco Unity Connection 9.1(1) and 9.1(2) allows remote authenticated users to obtain privileged access by conducting an "HTTP Intercept" attack and leveraging the ability to read files within the context of the web-server user account, aka Bug ID CSCup41014.

Published

2014-08-11T20:55:07.170

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 9.0 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

8.0

Impact Score

10.0

Weaknesses

Type: Primary
CWE-264

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cisco	unity_connection	9.1\(1\)	Yes
Application	cisco	unity_connection	9.1\(2\)	Yes

References

http://secunia.com/advisories/59768 ([email protected])
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3333 Vendor Advisory ([email protected])
http://tools.cisco.com/security/center/viewAlert.x?alertId=35200 Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/69074 ([email protected])
http://www.securitytracker.com/id/1030688 ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/95135 ([email protected])
http://secunia.com/advisories/59768 (af854a3a-2127-422b-91ae-364da2661108)
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3333 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://tools.cisco.com/security/center/viewAlert.x?alertId=35200 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/69074 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1030688 (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/95135 (af854a3a-2127-422b-91ae-364da2661108)