exploitDog

CVE-2014-0724

Опубликовано: 13 фев. 2014

Источник: nvd

CVSS2: 4

EPSS Низкий

Описание

The bulk administration interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to bypass authentication and read arbitrary files by using an unspecified prompt, aka Bug ID CSCum05340.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0724
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=32825
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0724
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=32825
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*

Версия до 10.0\(1\) (включая)

cpe:2.3:a:cisco:unified_communications_manager:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 51%

0.00282

Низкий

4 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-5m93-68wm-7pmv

github

больше 3 лет назад

The bulk administration interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to bypass authentication and read arbitrary files by using an unspecified prompt, aka Bug ID CSCum05340.

EPSS

Процентиль: 51%

0.00282

Низкий

4 Medium

CVSS2

Дефекты

CWE-20