4

CVE-2014-0657

The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.13% 0.796
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://osvdb.org/101800
http://secunia.com/advisories/56368
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0657
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=32341
Vendor Advisory
http://www.securityfocus.com/bid/64690
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1029571
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/90120