Cisco Unity Connection CVE-2012-0366 Remote Privilege Escalation Vulnerability
BID:52216
Info
Cisco Unity Connection CVE-2012-0366 Remote Privilege Escalation Vulnerability
| Bugtraq ID: | 52216 |
| Class: | Access Validation Error |
| CVE: |
CVE-2012-0366 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 29 2012 12:00AM |
| Updated: | Feb 29 2012 12:00AM |
| Credit: | Cisco |
| Vulnerable: |
Cisco Unity Connection 7.1 |
| Not Vulnerable: |
Cisco Unity Connection 7.1.5 Cisco Unity Connection 7.1.3b(Su2) |
Discussion
Cisco Unity Connection CVE-2012-0366 Remote Privilege Escalation Vulnerability
Cisco Unity Connection is prone to a remote privilege-escalation vulnerability. This issue is tracked by Cisco Bug ID CSCtd45141.
An authenticated attacker can exploit this issue to gain administrative access to the affected application. This may lead to a full compromise of the affected computer or aid in further attacks.
Cisco Unity Connection is prone to a remote privilege-escalation vulnerability. This issue is tracked by Cisco Bug ID CSCtd45141.
An authenticated attacker can exploit this issue to gain administrative access to the affected application. This may lead to a full compromise of the affected computer or aid in further attacks.
Exploit / POC
Cisco Unity Connection CVE-2012-0366 Remote Privilege Escalation Vulnerability
Attackers can exploit this issue using readily available tools.
Attackers can exploit this issue using readily available tools.
Solution / Fix
Cisco Unity Connection CVE-2012-0366 Remote Privilege Escalation Vulnerability
Solution:
Updates are available. Please see the references for details.
Solution:
Updates are available. Please see the references for details.
References
Cisco Unity Connection CVE-2012-0366 Remote Privilege Escalation Vulnerability
References:
References: