Описание
The server in Cisco Unity Connection 9.1(1) and 9.1(2) allows remote authenticated users to obtain privileged access by conducting an "HTTP Intercept" attack and leveraging the ability to read files within the context of the web-server user account, aka Bug ID CSCup41014.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cisco:unity_connection:9.1\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unity_connection:9.1\(2\):*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.01832
Низкий
9 Critical
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
The server in Cisco Unity Connection 9.1(1) and 9.1(2) allows remote authenticated users to obtain privileged access by conducting an "HTTP Intercept" attack and leveraging the ability to read files within the context of the web-server user account, aka Bug ID CSCup41014.
EPSS
Процентиль: 83%
0.01832
Низкий
9 Critical
CVSS2
Дефекты
CWE-264