Directory traversal vulnerability in the attachment service in the Voice Message Web Service (aka VMWS or Cisco Unity Web Service) in Cisco Unity Connection allows remote authenticated users to create files, and consequently execute arbitrary JSP code, via a crafted pathname for a file that is not a valid audio file, aka Bug ID CSCuj22948.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2013-10-19T10:00:00Z
Updated: 2024-09-17T00:36:13.410Z
Reserved: 2013-08-22T00:00:00Z
Link: CVE-2013-5534
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-10-19T10:36:08.167
Modified: 2024-11-21T01:57:39.413
Link: CVE-2013-5534
Redhat
No data.