Lucene search

[email protected]CVE-2010-3039

HistoryNov 09, 2010 - 9:00 p.m.

CVE-2010-3039

2010-11-0921:00:00

CWE-78

[email protected]

web.nvd.nist.gov

cisco

unified communications manager

cucm

callmanager

cve-2010-3039

remote execution

vulnerability

nvd

cisco bug ids

cscti52041

cscti74930

7.5 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

0.008 Low

EPSS

Percentile

81.9%

JSON

/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in a request to the administrative interface, aka Bug IDs CSCti52041 and CSCti74930.

CPENameOperatorVersion
cisco:unified_communications_managercisco unified communications managereq6.1\(3a\)
cisco:unified_communications_managercisco unified communications managereq6.1\(2\)
cisco:unified_communications_managercisco unified communications managereq6.1\(3b\)su1
cisco:unified_communications_managercisco unified communications managereq6.1\(2\)su1a
cisco:unified_communications_managercisco unified communications managereq6.1\(4\)su1
cisco:unified_communications_managercisco unified communications managereq6.1\(4\)
cisco:unified_communications_managercisco unified communications managereq6.1\(4a\)
cisco:unified_communications_managercisco unified communications managereq6.1\(3\)
cisco:unified_communications_managercisco unified communications managereq6.1\(4a\)su2
cisco:unified_communications_managercisco unified communications managereq6.1\(1\)

CPE	Name	Operator	Version
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(3a\)
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(2\)
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(3b\)su1
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(2\)su1a
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(4\)su1
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(4\)
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(4a\)
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(3\)
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(4a\)su2
cisco:unified_communications_manager	cisco unified communications manager	eq	6.1\(1\)

Rows per page:

1-10 of 431

References

seclists.org/fulldisclosure/2010/Nov/40

secunia.com/advisories/42129

tools.cisco.com/security/center/viewAlert.x?alertId=21656

www.nsense.fi/advisories/nsense_2010_003.txt

www.securityfocus.com/archive/1/514668/100/0/threaded

www.securityfocus.com/bid/44672

www.securitytracker.com/id?1024694

www.vupen.com/english/advisories/2010/2915

7.5 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

0.008 Low

EPSS

Percentile

81.9%

JSON

Related for CVE-2010-3039

packetstorm1 securityvulns2 cvelist1 prion1