Описание
The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540.
The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-0657
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90120
- http://osvdb.org/101800
- http://secunia.com/advisories/56368
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0657
- http://tools.cisco.com/security/center/viewAlert.x?alertId=32341
- http://www.securityfocus.com/bid/64690
- http://www.securitytracker.com/id/1029571
EPSS
CVE ID
Связанные уязвимости
The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540.
EPSS