Lucene search

[email protected]CVE-2014-3319

HistoryJul 14, 2014 - 9:55 p.m.

CVE-2014-3319

2014-07-1421:55:05

CWE-22

[email protected]

web.nvd.nist.gov

cve

2014

3319

directory traversal

vulnerability

cisco

unified communications manager

remote authenticated users

crafted url

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:C/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.0%

JSON

Directory traversal vulnerability in the Real-Time Monitoring Tool (RTMT) in Cisco Unified Communications Manager (CM) 10.0(1) allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup57676.

Affected configurations

NVD

Node

ciscounified_communications_managerMatch10.0\(1\)

CPENameOperatorVersion
cisco:unified_communications_managercisco unified communications managereq10.0\(1\)

CPE	Name	Operator	Version
cisco:unified_communications_manager	cisco unified communications manager	eq	10.0\(1\)

References

secunia.com/advisories/59734

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3319

tools.cisco.com/security/center/viewAlert.x?alertId=34909

www.securitytracker.com/id/1030554

exchange.xforce.ibmcloud.com/vulnerabilities/94436

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:C/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.0%

JSON

Related for CVE-2014-3319

nvd1 cisco1 prion1 cvelist1