CVE-2008-4545

Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8 uses weak permissions for the D:\CommServer\Reports directory, which allows remote authenticated users to obtain sensitive information by reading files in this directory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 50%
VendorProductVersion
ciscounity
𝑥
≤ 4.2\(1\)
ciscounity
𝑥
≤ 5.0\(1\)
ciscounity
𝑥
≤ 7.0\(2\)
ciscounity
4.0
ciscounity
4.0\(1\)
ciscounity
4.0\(2\)
ciscounity
4.0\(3\)
ciscounity
4.0\(3\):sr2
ciscounity
4.0\(4\)
ciscounity
4.0\(4\):sr1
ciscounity
4.0\(5\)
ciscounity
4.1\(1\)
ciscounity
5.0
ciscounity
7.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/32187
http://securitytracker.com/id?1021022
http://www.cisco.com/en/US/products/products_security_response09186a0080a0d861.html
http://www.securityfocus.com/bid/31642
http://www.voipshield.com/research-details.php?id=130
http://www.vupen.com/english/advisories/2008/2771
https://exchange.xforce.ibmcloud.com/vulnerabilities/45742
http://secunia.com/advisories/32187
http://securitytracker.com/id?1021022
http://www.cisco.com/en/US/products/products_security_response09186a0080a0d861.html
http://www.securityfocus.com/bid/31642
http://www.voipshield.com/research-details.php?id=130
http://www.vupen.com/english/advisories/2008/2771
https://exchange.xforce.ibmcloud.com/vulnerabilities/45742