CVE-2014-2145

Cisco Unity Connection - Path Traversal

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in the messaging API in Cisco Unity Connection allows remote authenticated users to read arbitrary files via vectors related to unenforced access constraints for .wav files and the audio/x-wav MIME type, aka Bug ID CSCun91071.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/66676

Scores

EPSS 0.0163
EPSS Percentile 73.2%

Details

CWE
CWE-22
Status published
Products (1)
cisco/unity_connection
Published Apr 05, 2014
Tracked Since Feb 18, 2026