Cisco Unity Connection: directory traversal via an attachment
Synthesis of the vulnerability
An attacker can traverse directories of Cisco Unity Connection, in order to create a file outside the service root path.Impacted products:
BID-63206, CSCuj22948, CVE-2013-5534, VIGILANCE-VUL-13620.
Description of the vulnerability
The Cisco Unity Connection (Voice Message Web Service) product can be used to send a message with an attachment.
However, the attachment name is directly inserted in an access path. Sequences such as "/.." can thus be used to go in the upper directory, in order to create a file there.
An attacker can therefore traverse directories of Cisco Unity Connection, in order to create a file outside the service root path.Complete Vigil@nce bulletin....
Share this bulletin
Computer vulnerabilities tracking service
Vigil@nce provides networks vulnerabilities bulletins
. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The Vigil@nce vulnerability database contains several thousand vulnerabilities.