CVE-2014-3333 Information

Description

The server in Cisco Unity Connection 9.1(1) and 9.1(2) allows remote authenticated users to obtain privileged access by conducting an \HTTP Intercept\ attack and leveraging the ability to read files within the context of the web-server user account aka Bug ID CSCup41014.

Reference

http://secunia.com/advisories/59768 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3333 http://tools.cisco.com/security/center/viewAlert.x?alertId=35200 http://www.securityfocus.com/bid/69074 http://www.securitytracker.com/id/1030688 https://exchange.xforce.ibmcloud.com/vulnerabilities/95135