4 matches found
CVE-2010-3039
/usr/local/cm/bin/pktCapprotectData in Cisco Unified Communications Manager aka CUCM, formerly CallManager 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in a request to the administrative interface, aka Bug IDs CSCti52041 and...
Design/Logic Flaw
/usr/local/cm/bin/pktCapprotectData in Cisco Unified Communications Manager aka CUCM, formerly CallManager 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in a request to the administrative interface, aka Bug IDs CSCti52041 and...
CVE-2010-3039
CVE-2010-3039 affects Cisco Unified Communications Manager (CUCM) 6–8. A setuid binary (/usr/local/cm/bin/pktCap_protectData) fails to validate command-line arguments, allowing a local, authenticated administrator to inject shell metacharacters and execute arbitrary commands. The vulnerability en...
Cisco Unified Communications Manager 8.0 - Invalid Argument Privilege Escalation
Cisco Unified Communications Manager 8.0 - Invalid Argument Privilege Escalation source: https://www.securityfocus.com/bid/44672/info Cisco Unified Communications Manager is prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to gain administrative access to the...