VAR-200810-0359
Vulnerability from variot - Updated: 2025-04-10 23:09Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8 uses weak permissions for the D:\CommServer\Reports directory, which allows remote authenticated users to obtain sensitive information by reading files in this directory. Cisco Unity is prone to multiple remote vulnerabilities, including: - An information-disclosure vulnerability in the web interface - A denial-of-service vulnerability in the administration interface - A script-injection vulnerability in the web interface - Multiple denial-of-service vulnerabilities in unspecified services These issues are reported in Cisco Unity 7.0; other versions may also be affected. Cisco Unity is a voice and unified messaging platform. ----------------------------------------------------------------------
Do you need accurate and reliable IDS / IPS / AV detection rules?
Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/
TITLE: Cisco Unity Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA32187
VERIFY ADVISORY: http://secunia.com/advisories/32187/
CRITICAL: Less critical
IMPACT: Security Bypass, Exposure of sensitive information, DoS
WHERE:
From local network
SOFTWARE: Cisco Unity 4.x http://secunia.com/advisories/product/4386/ Cisco Unity 5.x http://secunia.com/advisories/product/20082/ Cisco Unity 7.x http://secunia.com/advisories/product/20083/
DESCRIPTION: Some vulnerabilities and a security issue have been reported in Cisco Unity, which can be exploited by malicious, local users to disclose potentially sensitive information, and by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
1) An error exists within the authentication process in the Cisco Unity server, which can be exploited to bypass the authentication mechanism and view or modify certain system configuration parameters.
2) An error in the session handling in the Cisco Unity server can be exploited to cause a DoS by exhausting all available sessions.
Successful exploitation of these vulnerabilities requires that the Cisco Unity server is configured for anonymous authentication (not the default configuration).
3) A security issue is caused due to insecure permissions on "\CommServer\Reports", which can be exploited by domain users to disclose potentially sensitive information.
SOLUTION: Update to version 4.0ES161, 5.0ES53, or 7.0ES8. http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=274246502
PROVIDED AND/OR DISCOVERED BY: VoIPshield Systems
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20081008-unity.shtml http://www.cisco.com/warp/public/707/cisco-sr-20081008-unity.shtml
VoIPshield: http://www.voipshield.com/research-details.php?id=126&s=1&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=DESC http://www.voipshield.com/research-details.php?id=128&s=1&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=DESC http://www.voipshield.com/research-details.php?id=130&s=1&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=DESC
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200810-0359",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "unity",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "unity",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.0\\(4\\)"
},
{
"model": "unity",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.0\\(1\\)"
},
{
"model": "unity",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.0\\(5\\)"
},
{
"model": "unity",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.1\\(1\\)"
},
{
"model": "unity",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.0\\(3\\)"
},
{
"model": "unity",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.0\\(2\\)"
},
{
"model": "unity",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "unity",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "unity",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "4.2\\(1\\)"
},
{
"model": "unity",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "5.0\\(1\\)"
},
{
"model": "unity",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "7.0\\(2\\)"
},
{
"model": "unity",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "4.2(1)es161"
},
{
"model": "unity",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "5.0(1)es53"
},
{
"model": "unity",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "7.0(2)es8"
},
{
"model": "unity",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.2\\(1\\)"
},
{
"model": "unity es8",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "unity es53",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "unity es161",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
}
],
"sources": [
{
"db": "BID",
"id": "31642"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002357"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-185"
},
{
"db": "NVD",
"id": "CVE-2008-4545"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:unity",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002357"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "VoIPshield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200810-185"
}
],
"trust": 0.6
},
"cve": "CVE-2008-4545",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2008-4545",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-34670",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-4545",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2008-4545",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200810-185",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-34670",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34670"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002357"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-185"
},
{
"db": "NVD",
"id": "CVE-2008-4545"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8 uses weak permissions for the D:\\CommServer\\Reports directory, which allows remote authenticated users to obtain sensitive information by reading files in this directory. Cisco Unity is prone to multiple remote vulnerabilities, including:\n- An information-disclosure vulnerability in the web interface\n- A denial-of-service vulnerability in the administration interface\n- A script-injection vulnerability in the web interface\n- Multiple denial-of-service vulnerabilities in unspecified services\nThese issues are reported in Cisco Unity 7.0; other versions may also be affected. Cisco Unity is a voice and unified messaging platform. ----------------------------------------------------------------------\n\nDo you need accurate and reliable IDS / IPS / AV detection rules?\n\nGet in-depth vulnerability details:\nhttp://secunia.com/binary_analysis/sample_analysis/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Unity Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA32187\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/32187/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSecurity Bypass, Exposure of sensitive information, DoS\n\nWHERE:\n\u003eFrom local network\n\nSOFTWARE:\nCisco Unity 4.x\nhttp://secunia.com/advisories/product/4386/\nCisco Unity 5.x\nhttp://secunia.com/advisories/product/20082/\nCisco Unity 7.x\nhttp://secunia.com/advisories/product/20083/\n\nDESCRIPTION:\nSome vulnerabilities and a security issue have been reported in Cisco\nUnity, which can be exploited by malicious, local users to disclose\npotentially sensitive information, and by malicious people to bypass\ncertain security restrictions and cause a DoS (Denial of Service). \n\n1) An error exists within the authentication process in the Cisco\nUnity server, which can be exploited to bypass the authentication\nmechanism and view or modify certain system configuration\nparameters. \n\n2) An error in the session handling in the Cisco Unity server can be\nexploited to cause a DoS by exhausting all available sessions. \n\nSuccessful exploitation of these vulnerabilities requires that the\nCisco Unity server is configured for anonymous authentication (not\nthe default configuration). \n\n3) A security issue is caused due to insecure permissions on\n\"\\CommServer\\Reports\", which can be exploited by domain users to\ndisclose potentially sensitive information. \n\nSOLUTION:\nUpdate to version 4.0ES161, 5.0ES53, or 7.0ES8. \nhttp://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=274246502\n\nPROVIDED AND/OR DISCOVERED BY:\nVoIPshield Systems\n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20081008-unity.shtml\nhttp://www.cisco.com/warp/public/707/cisco-sr-20081008-unity.shtml\n\nVoIPshield:\nhttp://www.voipshield.com/research-details.php?id=126\u0026s=1\u0026threats_details=\u0026threats_category=0\u0026threats_vendor=0\u0026limit=20\u0026sort=discovered\u0026sortby=DESC\nhttp://www.voipshield.com/research-details.php?id=128\u0026s=1\u0026threats_details=\u0026threats_category=0\u0026threats_vendor=0\u0026limit=20\u0026sort=discovered\u0026sortby=DESC\nhttp://www.voipshield.com/research-details.php?id=130\u0026s=1\u0026threats_details=\u0026threats_category=0\u0026threats_vendor=0\u0026limit=20\u0026sort=discovered\u0026sortby=DESC\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-4545"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002357"
},
{
"db": "BID",
"id": "31642"
},
{
"db": "VULHUB",
"id": "VHN-34670"
},
{
"db": "PACKETSTORM",
"id": "70765"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-4545",
"trust": 2.8
},
{
"db": "BID",
"id": "31642",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "32187",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1021022",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2771",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002357",
"trust": 0.8
},
{
"db": "XF",
"id": "45742",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20081008 VOIPSHIELD REPORTED VULNERABILITIES IN CISCO UNITY SERVER",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200810-185",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-34670",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "70765",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34670"
},
{
"db": "BID",
"id": "31642"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002357"
},
{
"db": "PACKETSTORM",
"id": "70765"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-185"
},
{
"db": "NVD",
"id": "CVE-2008-4545"
}
]
},
"id": "VAR-200810-0359",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-34670"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:09:30.943000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "107983",
"trust": 0.8,
"url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a0d861.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002357"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34670"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002357"
},
{
"db": "NVD",
"id": "CVE-2008-4545"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/31642"
},
{
"trust": 1.7,
"url": "http://www.cisco.com/en/us/products/products_security_response09186a0080a0d861.html"
},
{
"trust": 1.7,
"url": "http://www.voipshield.com/research-details.php?id=130"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1021022"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/32187"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2771"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45742"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4545"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-4545"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/45742"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/2771"
},
{
"trust": 0.4,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20081008-unity.shtml"
},
{
"trust": 0.4,
"url": "http://www.voipshield.com/research-details.php?id=130\u0026s=1\u0026threats_details=\u0026threats_category=0\u0026threats_vendor=0\u0026limit=20\u0026sort=discovered\u0026sortby=desc"
},
{
"trust": 0.4,
"url": "http://www.voipshield.com/research-details.php?id=128\u0026s=1\u0026threats_details=\u0026threats_category=0\u0026threats_vendor=0\u0026limit=20\u0026sort=discovered\u0026sortby=desc"
},
{
"trust": 0.3,
"url": "http://www.cisco.com"
},
{
"trust": 0.3,
"url": "http://www.voipshield.com/research-details.php?id=129\u0026s=1\u0026threats_details=\u0026threats_category=0\u0026threats_vendor=0\u0026limit=20\u0026sort=discovered\u0026sortby=desc"
},
{
"trust": 0.3,
"url": "http://www.voipshield.com/research-details.php?id=127\u0026s=1\u0026threats_details=\u0026threats_category=0\u0026threats_vendor=0\u0026limit=20\u0026sort=discovered\u0026sortby=desc"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/20082/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/support/downloads/go/redirect.x?mdfid=274246502"
},
{
"trust": 0.1,
"url": "http://secunia.com/binary_analysis/sample_analysis/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/4386/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/20083/"
},
{
"trust": 0.1,
"url": "http://www.voipshield.com/research-details.php?id=126\u0026s=1\u0026threats_details=\u0026threats_category=0\u0026threats_vendor=0\u0026limit=20\u0026sort=discovered\u0026sortby=desc"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/32187/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20081008-unity.shtml"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34670"
},
{
"db": "BID",
"id": "31642"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002357"
},
{
"db": "PACKETSTORM",
"id": "70765"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-185"
},
{
"db": "NVD",
"id": "CVE-2008-4545"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-34670"
},
{
"db": "BID",
"id": "31642"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002357"
},
{
"db": "PACKETSTORM",
"id": "70765"
},
{
"db": "CNNVD",
"id": "CNNVD-200810-185"
},
{
"db": "NVD",
"id": "CVE-2008-4545"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-10-13T00:00:00",
"db": "VULHUB",
"id": "VHN-34670"
},
{
"date": "2008-10-08T00:00:00",
"db": "BID",
"id": "31642"
},
{
"date": "2009-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-002357"
},
{
"date": "2008-10-10T16:17:34",
"db": "PACKETSTORM",
"id": "70765"
},
{
"date": "2008-10-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200810-185"
},
{
"date": "2008-10-13T20:00:02.463000",
"db": "NVD",
"id": "CVE-2008-4545"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "VULHUB",
"id": "VHN-34670"
},
{
"date": "2016-07-05T22:01:00",
"db": "BID",
"id": "31642"
},
{
"date": "2009-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-002357"
},
{
"date": "2008-12-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200810-185"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2008-4545"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200810-185"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Unity Vulnerable to obtaining confidential information",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002357"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200810-185"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…