Details of VAR-200810-0359

ID

VAR-200810-0359

CVE

CVE-2008-4545

TITLE

Cisco Unity Vulnerable to obtaining confidential information

Trust: 0.8

sources: JVNDB: JVNDB-2008-002357

DESCRIPTION

Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8 uses weak permissions for the D:\CommServer\Reports directory, which allows remote authenticated users to obtain sensitive information by reading files in this directory. Cisco Unity is prone to multiple remote vulnerabilities, including: - An information-disclosure vulnerability in the web interface - A denial-of-service vulnerability in the administration interface - A script-injection vulnerability in the web interface - Multiple denial-of-service vulnerabilities in unspecified services These issues are reported in Cisco Unity 7.0; other versions may also be affected. Cisco Unity is a voice and unified messaging platform. ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Cisco Unity Multiple Vulnerabilities SECUNIA ADVISORY ID: SA32187 VERIFY ADVISORY: http://secunia.com/advisories/32187/ CRITICAL: Less critical IMPACT: Security Bypass, Exposure of sensitive information, DoS WHERE: >From local network SOFTWARE: Cisco Unity 4.x http://secunia.com/advisories/product/4386/ Cisco Unity 5.x http://secunia.com/advisories/product/20082/ Cisco Unity 7.x http://secunia.com/advisories/product/20083/ DESCRIPTION: Some vulnerabilities and a security issue have been reported in Cisco Unity, which can be exploited by malicious, local users to disclose potentially sensitive information, and by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service). 1) An error exists within the authentication process in the Cisco Unity server, which can be exploited to bypass the authentication mechanism and view or modify certain system configuration parameters. 2) An error in the session handling in the Cisco Unity server can be exploited to cause a DoS by exhausting all available sessions. Successful exploitation of these vulnerabilities requires that the Cisco Unity server is configured for anonymous authentication (not the default configuration). 3) A security issue is caused due to insecure permissions on "\CommServer\Reports", which can be exploited by domain users to disclose potentially sensitive information. SOLUTION: Update to version 4.0ES161, 5.0ES53, or 7.0ES8. http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=274246502 PROVIDED AND/OR DISCOVERED BY: VoIPshield Systems ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20081008-unity.shtml http://www.cisco.com/warp/public/707/cisco-sr-20081008-unity.shtml VoIPshield: http://www.voipshield.com/research-details.php?id=126&s=1&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=DESC http://www.voipshield.com/research-details.php?id=128&s=1&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=DESC http://www.voipshield.com/research-details.php?id=130&s=1&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=DESC ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2008-4545 // JVNDB: JVNDB-2008-002357 // BID: 31642 // VULHUB: VHN-34670 // PACKETSTORM: 70765

AFFECTED PRODUCTS

vendor:	cisco	model:	unity	scope:	eq	version:	4.0	Trust: 1.6
vendor:	cisco	model:	unity	scope:	eq	version:	4.0\(4\)	Trust: 1.6
vendor:	cisco	model:	unity	scope:	eq	version:	4.0\(1\)	Trust: 1.6
vendor:	cisco	model:	unity	scope:	eq	version:	4.0\(5\)	Trust: 1.6
vendor:	cisco	model:	unity	scope:	eq	version:	4.1\(1\)	Trust: 1.6
vendor:	cisco	model:	unity	scope:	eq	version:	4.0\(3\)	Trust: 1.6
vendor:	cisco	model:	unity	scope:	eq	version:	4.0\(2\)	Trust: 1.6
vendor:	cisco	model:	unity	scope:	eq	version:	7.0	Trust: 1.3
vendor:	cisco	model:	unity	scope:	eq	version:	5.0	Trust: 1.0
vendor:	cisco	model:	unity	scope:	lte	version:	4.2\(1\)	Trust: 1.0
vendor:	cisco	model:	unity	scope:	lte	version:	5.0\(1\)	Trust: 1.0
vendor:	cisco	model:	unity	scope:	lte	version:	7.0\(2\)	Trust: 1.0
vendor:	cisco	model:	unity	scope:	lt	version:	4.2(1)es161	Trust: 0.8
vendor:	cisco	model:	unity	scope:	lt	version:	5.0(1)es53	Trust: 0.8
vendor:	cisco	model:	unity	scope:	lt	version:	7.0(2)es8	Trust: 0.8
vendor:	cisco	model:	unity	scope:	eq	version:	4.2\(1\)	Trust: 0.6
vendor:	cisco	model:	unity es8	scope:	eq	version:	7.0	Trust: 0.3
vendor:	cisco	model:	unity es53	scope:	eq	version:	5.0	Trust: 0.3
vendor:	cisco	model:	unity es161	scope:	eq	version:	4.0	Trust: 0.3

sources: BID: 31642 // JVNDB: JVNDB-2008-002357 // CNNVD: CNNVD-200810-185 // NVD: CVE-2008-4545

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2008-4545
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2008-4545
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200810-185
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-34670
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2008-4545
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-34670
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-34670 // JVNDB: JVNDB-2008-002357 // CNNVD: CNNVD-200810-185 // NVD: CVE-2008-4545

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-34670 // JVNDB: JVNDB-2008-002357 // NVD: CVE-2008-4545

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200810-185

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-200810-185

CONFIGURATIONS

sources: JVNDB: JVNDB-2008-002357

PATCH

title:

107983

url:

http://www.cisco.com/en/US/products/products_security_response09186a0080a0d861.html

Trust: 0.8

sources: JVNDB: JVNDB-2008-002357

EXTERNAL IDS

db:	NVD	id:	CVE-2008-4545	Trust: 2.8
db:	BID	id:	31642	Trust: 2.0
db:	SECUNIA	id:	32187	Trust: 1.8
db:	SECTRACK	id:	1021022	Trust: 1.7
db:	VUPEN	id:	ADV-2008-2771	Trust: 1.7
db:	JVNDB	id:	JVNDB-2008-002357	Trust: 0.8
db:	XF	id:	45742	Trust: 0.6
db:	CISCO	id:	20081008 VOIPSHIELD REPORTED VULNERABILITIES IN CISCO UNITY SERVER	Trust: 0.6
db:	CNNVD	id:	CNNVD-200810-185	Trust: 0.6
db:	VULHUB	id:	VHN-34670	Trust: 0.1
db:	PACKETSTORM	id:	70765	Trust: 0.1

sources: VULHUB: VHN-34670 // BID: 31642 // JVNDB: JVNDB-2008-002357 // PACKETSTORM: 70765 // CNNVD: CNNVD-200810-185 // NVD: CVE-2008-4545

REFERENCES

url:	http://www.securityfocus.com/bid/31642	Trust: 1.7
url:	http://www.cisco.com/en/us/products/products_security_response09186a0080a0d861.html	Trust: 1.7
url:	http://www.voipshield.com/research-details.php?id=130	Trust: 1.7
url:	http://securitytracker.com/id?1021022	Trust: 1.7
url:	http://secunia.com/advisories/32187	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2008/2771	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/45742	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4545	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-4545	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/45742	Trust: 0.6
url:	http://www.frsirt.com/english/advisories/2008/2771	Trust: 0.6
url:	http://www.cisco.com/warp/public/707/cisco-sr-20081008-unity.shtml	Trust: 0.4
url:	http://www.voipshield.com/research-details.php?id=130&s=1&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=desc	Trust: 0.4
url:	http://www.voipshield.com/research-details.php?id=128&s=1&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=desc	Trust: 0.4
url:	http://www.cisco.com	Trust: 0.3
url:	http://www.voipshield.com/research-details.php?id=129&s=1&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=desc	Trust: 0.3
url:	http://www.voipshield.com/research-details.php?id=127&s=1&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=desc	Trust: 0.3
url:	http://secunia.com/advisories/product/20082/	Trust: 0.1
url:	http://tools.cisco.com/support/downloads/go/redirect.x?mdfid=274246502	Trust: 0.1
url:	http://secunia.com/binary_analysis/sample_analysis/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/product/4386/	Trust: 0.1
url:	http://secunia.com/advisories/product/20083/	Trust: 0.1
url:	http://www.voipshield.com/research-details.php?id=126&s=1&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=desc	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/32187/	Trust: 0.1
url:	http://www.cisco.com/warp/public/707/cisco-sa-20081008-unity.shtml	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-34670 // BID: 31642 // JVNDB: JVNDB-2008-002357 // PACKETSTORM: 70765 // CNNVD: CNNVD-200810-185 // NVD: CVE-2008-4545

CREDITS

VoIPshield

Trust: 0.6

sources: CNNVD: CNNVD-200810-185

SOURCES

db:	VULHUB	id:	VHN-34670
db:	BID	id:	31642
db:	JVNDB	id:	JVNDB-2008-002357
db:	PACKETSTORM	id:	70765
db:	CNNVD	id:	CNNVD-200810-185
db:	NVD	id:	CVE-2008-4545

LAST UPDATE DATE

2025-04-10T23:09:30.943000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-34670	date:	2017-08-08T00:00:00
db:	BID	id:	31642	date:	2016-07-05T22:01:00
db:	JVNDB	id:	JVNDB-2008-002357	date:	2009-07-08T00:00:00
db:	CNNVD	id:	CNNVD-200810-185	date:	2008-12-24T00:00:00
db:	NVD	id:	CVE-2008-4545	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-34670	date:	2008-10-13T00:00:00
db:	BID	id:	31642	date:	2008-10-08T00:00:00
db:	JVNDB	id:	JVNDB-2008-002357	date:	2009-07-08T00:00:00
db:	PACKETSTORM	id:	70765	date:	2008-10-10T16:17:34
db:	CNNVD	id:	CNNVD-200810-185	date:	2008-10-13T00:00:00
db:	NVD	id:	CVE-2008-4545	date:	2008-10-13T20:00:02.463