Vulnerability Details : CVE-2014-7988
The Unified Messaging Service (UMS) in Cisco Unity Connection 10.5 and earlier allows remote authenticated users to obtain sensitive information by reading log files, aka Bug ID CSCur06493.
Products affected by CVE-2014-7988
- cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-7988
0.31%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 51 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-7988
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:N/A:N |
8.0
|
2.9
|
NIST |
CWE ids for CVE-2014-7988
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-7988
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/98493
Cisco Unity Connection UMS information disclosure CVE-2014-7988 Vulnerability Report
-
http://secunia.com/advisories/62106
Sign in
-
http://www.securitytracker.com/id/1031177
Cisco Unity Connection Discloses Potentially Sensitive Information to Remote Authenticated Users - SecurityTracker
-
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-7988
Cisco Unity Connection Information Disclosure VulnerabilityVendor Advisory
-
http://tools.cisco.com/security/center/viewAlert.x?alertId=36340
Cisco Unity Connection Information Disclosure VulnerabilityVendor Advisory
Jump to