CVE Vulnerabilities

CVE-2014-0731

Published: Feb 22, 2014 | Modified: Sep 09, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The administration interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and read Java class files via a direct request, aka Bug ID CSCum46497.

Affected Software

Name Vendor Start Version End Version
Unified_communications_manager Cisco 4.2.3sr2 4.2.3sr2
Unified_communications_manager Cisco 3.3(5) 3.3(5)
Unified_communications_manager Cisco 4.1(3)sr1 4.1(3)sr1
Unified_communications_manager Cisco 10.0 10.0
Unified_communications_manager Cisco 4.2.3sr1 4.2.3sr1
Unified_communications_manager Cisco 4.1(3)sr2 4.1(3)sr2
Unified_communications_manager Cisco 4.1(3) 4.1(3)
Unified_communications_manager Cisco 4.2 4.2
Unified_communications_manager Cisco 4.3 4.3
Unified_communications_manager Cisco 4.2.3 4.2.3
Unified_communications_manager Cisco 4.1(3)sr4 4.1(3)sr4
Unified_communications_manager Cisco 4.2.1 4.2.1
Unified_communications_manager Cisco 3.3(5)sr2a 3.3(5)sr2a
Unified_communications_manager Cisco 4.2.2 4.2.2
Unified_communications_manager Cisco 4.1(3)sr3 4.1(3)sr3
Unified_communications_manager Cisco 3.3(5)sr1 3.3(5)sr1
Unified_communications_manager Cisco 4.2.3sr2b 4.2.3sr2b
Unified_communications_manager Cisco * 10.0(1)

References