CVE-2008-4545

medium Cisco
CVSS v3 Base Score
4.0
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS Score
0.3%
Exploitation probability in 30 days
Top 49% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
None
Availability
None
Published: October 13, 2008 (6421 days ago)
Last Modified: April 23, 2026
Vendor: Cisco
Source: NVD

Description

Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8 uses weak permissions for the D:\CommServer\Reports directory, which allows remote authenticated users to obtain sensitive information by reading files in this directory.

CWE

CWE-264

Affected Products

cisco unity

References

🔗 secunia.com 🔗 securitytracker.com 🔗 www.cisco.com 🔗 www.securityfocus.com 🔗 www.voipshield.com