Unrated severityNVD Advisory· Published Apr 2, 2014· Updated Jun 17, 2026
CVE-2014-2125
CVE-2014-2125
Description
Cross-site scripting (XSS) vulnerability in the Web Inbox in Cisco Unity Connection 8.6(2a)SU3 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui33028.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:cisco:unity_connection:*:\(2a\)su3:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:cisco:unity_connection:*:\(2a\)su3:*:*:*:*:*:*range: <=8.6
- cpe:2.3:a:cisco:unity_connection:8.6:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity_connection:8.6:\(1\):*:*:*:*:*:*
- cpe:2.3:a:cisco:unity_connection:8.6\(1a\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity_connection:8.6:\(2\):*:*:*:*:*:*
- cpe:2.3:a:cisco:unity_connection:8.6\(2a\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity_connection:8.6:\(2a\)su1:*:*:*:*:*:*
- cpe:2.3:a:cisco:unity_connection:8.6:\(2a\)su2:*:*:*:*:*:*
- (no CPE)range: <=8.6(2a)SU3
Patches
Vulnerability mechanics
References
3- tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2125nvdVendor Advisory
- tools.cisco.com/security/center/viewAlert.xnvdVendor Advisory
- www.securitytracker.com/id/1029988nvd
News mentions
0No linked articles in our index yet.