Guest

Preview Tool

Cisco Bug: CSCup41014 - Unity Connection Security Scan vulnerabilities HTTP Intercept

Last Modified

Aug 06, 2018

Products (1)

  • Cisco Unity Connection

Known Affected Releases

9.1(1.2) 9.1(1.9)

Description (partial)

Symptom:
A vulnerability in Cisco Unity Connection Server could allow an authenticated, remote attacker to elevate privileges and obtain full access to
the affected system..

The vulnerability is due to improper privilege escalation. An attacker may be able to exploit this vulnerability by reading files accessible
to the web server user.

Conditions:
Devices running an affected version of the Cisco Unity Connection Server.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.