Vulnerability Description
Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to bypass authentication and read or modify system configuration parameters by going to a specific link more than once.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unity | 4.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/32187Vendor Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0d85f.sPatchVendor Advisory
- http://www.cisco.com/en/US/products/products_security_response09186a0080a0d861.hPatchVendor Advisory
- http://www.securityfocus.com/bid/31638
- http://www.securityfocus.com/bid/31642
- http://www.securitytracker.com/id?1021011
- http://www.voipshield.com/research-details.php?id=126
- http://www.vupen.com/english/advisories/2008/2771Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45741
- http://secunia.com/advisories/32187Vendor Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0d85f.sPatchVendor Advisory
- http://www.cisco.com/en/US/products/products_security_response09186a0080a0d861.hPatchVendor Advisory
- http://www.securityfocus.com/bid/31638
- http://www.securityfocus.com/bid/31642
- http://www.securitytracker.com/id?1021011
FAQ
What is CVE-2008-3814?
CVE-2008-3814 is a vulnerability with a CVSS score of 5.8 (MEDIUM). Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote a...
How severe is CVE-2008-3814?
CVE-2008-3814 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3814?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unity.