Описание
The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a crafted URL, aka Bug ID CSCun49862.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 8.1 (включая)
Одно из
cpe:2.3:a:cisco:unified_cdm_application_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_domain_manager:-:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00728
Низкий
9 Critical
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a crafted URL, aka Bug ID CSCun49862.
EPSS
Процентиль: 72%
0.00728
Низкий
9 Critical
CVSS2
Дефекты
CWE-264