Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to obtain sensitive information via a file-inclusion attack, aka Bug ID CSCup94744.
http://www.securitytracker.com/id/1032003
http://tools.cisco.com/security/center/viewAlert.x?alertId=38118