Directory traversal

2014-07-1011:06:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.2%

JSON

Directory traversal vulnerability in dna/viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup76318.

CPENameOperatorVersion
unified_communications_managereq10.1.0-base

CPE	Name	Operator	Version
	unified_communications_manager	eq	10.1.0-base

References

secunia.com/advisories/59728

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3318

tools.cisco.com/security/center/viewAlert.x?alertId=34897

www.securityfocus.com/bid/68482

www.securitytracker.com/id/1030554

exchange.xforce.ibmcloud.com/vulnerabilities/94433