Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8 uses weak permissions for the D:\CommServer\Reports directory, which allows remote authenticated users to obtain sensitive information by reading files in this directory.
Software | From | Fixed in |
---|---|---|
cisco / unity | - | 4.2\(1\).x |
cisco / unity | - | 5.0\(1\).x |
cisco / unity | - | 7.0\(2\).x |
cisco / unity | 4.0 | 4.0.x |
cisco / unity | 4.0(1) | 4.0(1).x |
cisco / unity | 4.0(2) | 4.0(2).x |
cisco / unity | 4.0(3) | 4.0(3).x |
cisco / unity | 4.0(3)-sr2 | 4.0(3)-sr2.x |
cisco / unity | 4.0(4) | 4.0(4).x |
cisco / unity | 4.0(4)-sr1 | 4.0(4)-sr1.x |
cisco / unity | 4.0(5) | 4.0(5).x |
cisco / unity | 4.1(1) | 4.1(1).x |
cisco / unity | 5.0 | 5.0.x |
cisco / unity | 7.0 | 7.0.x |