Vulnerability Database

313,359

Total vulnerabilities in the database

CVE-2014-3333

The server in Cisco Unity Connection 9.1(1) and 9.1(2) allows remote authenticated users to obtain privileged access by conducting an "HTTP Intercept" attack and leveraging the ability to read files within the context of the web-server user account, aka Bug ID CSCup41014.

Published: Aug 11, 2014
Updated: Nov 9, 2025
CVE: CVE-2014-3333
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
cisco / unity_connection	9.1(2)	9.1(2).x
cisco / unity_connection	9.1(1)	9.1(1).x

http://secunia.com/advisories/59768
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3333
http://tools.cisco.com/security/center/viewAlert.x?alertId=35200
http://www.securityfocus.com/bid/69074
http://www.securitytracker.com/id/1030688
https://exchange.xforce.ibmcloud.com/vulnerabilities/95135

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo