2 matches found
CVE-2003-0732
CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows a guest user to change the guest account to Admin on the Modify or delete users pages, potentially obtaining restricted information and administrative privileges. Affected component: CMF authentication/authorization on user-mana...
CVE-2003-0731
CMF 2.1 and earlier of CiscoWorks Common Management Foundation is affected: a guest user could obtain administrative privileges via a specific POST to com.cisco.nm.cmf.servlet.CsAuthServlet, potentially using the cmd parameter with a modifyUser value and a altered priviledges parameter. This is d...