Unified Communications Manager@10.0(1) Security Vulnerabilities and Issues — Unified Communications Manager@10.0(1) CVE List

Lucene search

CiscoUnified Communications Manager10.0(1)

3 matches found

CVE•added 2014/08/12 11:55 p.m.•44 views

CVE-2014-3338

The CTIManager module in Cisco Unified Communications Manager (CM) 10.0(1), when single sign-on is enabled, does not properly validate Kerberos SSO tokens, which allows remote authenticated users to gain privileges and execute arbitrary commands via crafted token data, aka Bug ID CSCum95491.

8.5CVSS7.6AI score0.0184EPSS

CVE•added 2014/07/14 9:55 p.m.•32 views

CVE-2014-3317

Directory traversal vulnerability in the Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager 10.0(1) allows remote authenticated users to delete arbitrary files via a crafted URL, aka Bug ID CSCup76314.

5.5CVSS6.4AI score0.02717EPSS

CVE•added 2014/07/14 9:55 p.m.•30 views

CVE-2014-3319

Directory traversal vulnerability in the Real-Time Monitoring Tool (RTMT) in Cisco Unified Communications Manager (CM) 10.0(1) allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup57676.

6.8CVSS6.3AI score0.00665EPSS