Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-r9g7-hffm-mwgg

Опубликовано: 17 мая 2022
Источник: github
Github: Не прошло ревью

Описание

The CTIManager module in Cisco Unified Communications Manager (CM) 10.0(1), when single sign-on is enabled, does not properly validate Kerberos SSO tokens, which allows remote authenticated users to gain privileges and execute arbitrary commands via crafted token data, aka Bug ID CSCum95491.

The CTIManager module in Cisco Unified Communications Manager (CM) 10.0(1), when single sign-on is enabled, does not properly validate Kerberos SSO tokens, which allows remote authenticated users to gain privileges and execute arbitrary commands via crafted token data, aka Bug ID CSCum95491.

Ссылки

EPSS

Процентиль: 83%
0.0184
Низкий

CVE ID

CVE-2014-3338

Дефекты

CWE-20

Связанные уязвимости

nvd логотип

CVE-2014-3338

nvd
больше 11 лет назад

The CTIManager module in Cisco Unified Communications Manager (CM) 10.0(1), when single sign-on is enabled, does not properly validate Kerberos SSO tokens, which allows remote authenticated users to gain privileges and execute arbitrary commands via crafted token data, aka Bug ID CSCum95491.

EPSS

Процентиль: 83%
0.0184
Низкий

CVE ID

CVE-2014-3338

Дефекты

CWE-20