Vulnerability Details CVE-2014-3317
Directory traversal vulnerability in the Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager 10.0(1) allows remote authenticated users to delete arbitrary files via a crafted URL, aka Bug ID CSCup76314.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.027
EPSS Ranking 85.3%
CVSS Severity
CVSS v2 Score 5.5
References
- http://secunia.com/advisories/59727
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3317
- http://tools.cisco.com/security/center/viewAlert.x?alertId=34898
- http://www.securityfocus.com/bid/68481
- http://www.securitytracker.com/id/1030554
- https://exchange.xforce.ibmcloud.com/vulnerabilities/94435
- http://secunia.com/advisories/59727
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3317
- http://tools.cisco.com/security/center/viewAlert.x?alertId=34898
- http://www.securityfocus.com/bid/68481
- http://www.securitytracker.com/id/1030554
- https://exchange.xforce.ibmcloud.com/vulnerabilities/94435
Products affected by CVE-2014-3317
-
cpe:2.3:a:cisco:unified_communications_manager:10.0(1)