2 matches found
Cisco Unified Communications Manager 'CTIManager' Remote Command Execution (CSCum95491)
According to its self-reported version, the remote Cisco Unified Communications Manager CUCM device has a flaw in the 'CTIManager' module that allows a remote, authenticated attacker to execute arbitrary commands with elevated privileges by using a specially crafted SSO token. %NASLMINLEVEL 70300...
CVE-2014-3338
The CVE-2014-3338 issue affects Cisco Unified Communications Manager (CM) CTIManager. When single sign-on is enabled, Kerberos SSO tokens are not properly validated, allowing a remote authenticated attacker to execute arbitrary commands with elevated privileges using crafted token data (Bug CSCum...