CVE-2008-3814 Information

Description

Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161 5.x before 5.0(1)ES53 and 7.x before 7.0(2)ES8 when using anonymous authentication (aka native Unity authentication) allows remote attackers to bypass authentication and read or modify system configuration parameters by going to a specific link more than once.

Reference

http://secunia.com/advisories/32187 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0d85f.shtml http://www.cisco.com/en/US/products/products_security_response09186a0080a0d861.html http://www.securityfocus.com/bid/31638 http://www.securityfocus.com/bid/31642 http://www.securitytracker.com/id?1021011 http://www.voipshield.com/research-details.php?id=126 http://www.vupen.com/english/advisories/2008/2771 https://exchange.xforce.ibmcloud.com/vulnerabilities/45741