EUVD-2014-3351

Malware in sbrugna...

Cisco Unified Communications Manager 'CTIManager' Remote Command Execution (CSCum95491)

According to its self-reported version, the remote Cisco Unified Communications Manager CUCM device has a flaw in the 'CTIManager' module that allows a remote, authenticated attacker to execute arbitrary commands with elevated privileges by using a specially crafted SSO token. %NASLMINLEVEL 70300...

CVE-2014-3338

The CTIManager module in Cisco Unified Communications Manager CM 10.01, when single sign-on is enabled, does not properly validate Kerberos SSO tokens, which allows remote authenticated users to gain privileges and execute arbitrary commands via crafted token data, aka Bug ID CSCum95491...

Design/Logic Flaw

The CTIManager module in Cisco Unified Communications Manager CM 10.01, when single sign-on is enabled, does not properly validate Kerberos SSO tokens, which allows remote authenticated users to gain privileges and execute arbitrary commands via crafted token data, aka Bug ID CSCum95491...

CVE-2014-3338

The CTIManager module in Cisco Unified Communications Manager CM 10.01, when single sign-on is enabled, does not properly validate Kerberos SSO tokens, which allows remote authenticated users to gain privileges and execute arbitrary commands via crafted token data, aka Bug ID CSCum95491...

CVE-2014-3338

The CVE-2014-3338 issue affects Cisco Unified Communications Manager (CM) CTIManager. When single sign-on is enabled, Kerberos SSO tokens are not properly validated, allowing a remote authenticated attacker to execute arbitrary commands with elevated privileges using crafted token data (Bug CSCum...

Cisco Unified Communications Manager CTIManager Vulnerability

A vulnerability in the CTIManager module of Cisco Unified Communications Manager Cisco Unified CM could allow an authenticated, remote attacker to execute arbitrary commands with elevated privileges. The vulnerability is due to a failure to properly validate input contained within Kerberos single...