CVE-2014-3317

Cisco Unified Communications Manager 10.0(1) - Authenticated Path Traversal via Dialed Number Analyzer

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in the Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager 10.0(1) allows remote authenticated users to delete arbitrary files via a crafted URL, aka Bug ID CSCup76314.

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/68481
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1030554
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/59727
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/94435

Scores

EPSS 0.0255
EPSS Percentile 83.2%

Details

CWE
CWE-22
Status published
Products (1)
cisco/unified_communications_manager 10.0\(1\)
Published Jul 14, 2014
Tracked Since Feb 18, 2026